789 matches found
Confide Updates App After Critical Security Issues Are Raised
The makers of the popular messaging app Confide said Wednesday that it has patched multiple security vulnerabilities that could have allowed hackers to intercept messages sent using its secure end-to-end messaging platform. The flaws were identified in two separate reports, both released Wednesda...
CVE-2016-3127
An information disclosure vulnerability in the logging implementation of BlackBerry Good Control Server versions earlier than 2.3.53.62 allows remote attackers to gain and use logged encryption keys to access certain resources within a customer's Good deployment by gaining access to certain...
Information disclosure
An information disclosure vulnerability in the logging implementation of BlackBerry Good Control Server versions earlier than 2.3.53.62 allows remote attackers to gain and use logged encryption keys to access certain resources within a customer's Good deployment by gaining access to certain...
CVE-2016-3127
An information disclosure vulnerability in the logging implementation of BlackBerry Good Control Server versions earlier than 2.3.53.62 allows remote attackers to gain and use logged encryption keys to access certain resources within a customer's Good deployment by gaining access to certain...
CVE-2016-3127
An information disclosure vulnerability in the logging implementation of BlackBerry Good Control Server versions earlier than 2.3.53.62 allows remote attackers to gain and use logged encryption keys to access certain resources within a customer's Good deployment by gaining access to certain...
CVE-2016-3127
The CVE-2016-3127 issue affects BlackBerry Good Control Server prior to version 2.3.53.62. A information-disclosure vulnerability exists in the logging implementation, where remote attackers could gain and reuse logged encryption keys by accessing certain diagnostic log files, either through a va...
Cloudbleed Bug Leaks Sensitive Cloudflare Customer Data
The Cloudflare content delivery network for months has been leaking customer data, everything from private messages to encryption keys and credentials belonging to users of some of the Internet’s biggest properties. The vulnerability has been addressed, Cloudflare CTO John Graham-Cumming said, bu...
Zeroshell 3.6.03.7.0 Net Services - Remote Code Execution
Zeroshell 3.6.03.7.0 Net Services - Remote Code Execution Exploit Title: Zeroshell - Net Services Unauthenticated Remote Code Execution | RCE Date: 13.01.2017 Exploit Author: Ozer Goker Vendor Homepage: http://www.zeroshell.org Software Link: www.zeroshell.org/download/ Version: 3.6.0 & 3.7.0...
Zeroshell 3.6.0 / 3.7.0 Remote Code Execution
Exploit Title: Zeroshell - Net Services Unauthenticated Remote Code Execution | RCE Date: 13.01.2017 Exploit Author: Ozer Goker Vendor Homepage: http://www.zeroshell.org Software Link: www.zeroshell.org/download/ Version: 3.6.0 & 3.7.0 Introduction Zeroshell is a small Linux distribution for...
Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution
Exploit Title: Zeroshell - Net Services Unauthenticated Remote Code Execution | RCE Date: 13.01.2017 Exploit Author: Ozer Goker Vendor Homepage: http://www.zeroshell.org Software Link: www.zeroshell.org/download/ Version: 3.6.0 & 3.7.0 Introduction Zeroshell is a small Linux distribution for...
CVE-2016-4443
Red Hat Enterprise Virtualization RHEV Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file...
Code injection
Red Hat Enterprise Virtualization RHEV Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file...
CVE-2016-4443
The CVE-2016-4443 issue affects Red Hat Virtualization Manager (RHEV/RHV) 3.6. A local attacker could read the engine-setup log file and obtain sensitive data, including encryption keys and certificates, due to improper logging of setup results. The root cause is leakage of confidential informati...
PT-2016-5960 · Red Hat · Red Hat Enterprise Virtualization Manager
Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization RHEV Manager version 3.6 Description: The issue allows local users to access sensitive information, including encryption keys and certificates, by reading the engine-setup log file. Recommendations: For Red H...
MGASA-2016-0387 Updated dracut packages fix security vulnerability
A local information disclosure issue was found in dracut when generating initramfs images with world-readable permissions when "early cpio" is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryption keys or...
Updated dracut packages fix security vulnerability
A local information disclosure issue was found in dracut when generating initramfs images with world-readable permissions when "early cpio" is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryption keys or...
CVE-2016-8637
A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...
Magento Community Edition 2.x < 2.0.4 Multiple Vulnerabilities
Binary data 9693.prm...
CVE-2015-8086
Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC5...
Design/Logic Flaw
Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC5...