About the security content of iCloud for Windows 7.5

About the security content of iCloud for Windows 7.5 This document describes the security content of iCloud for Windows 7.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

Opera asks for my keychain password on macOS – what do I do? Opera 53 has a new signing certificate

Security Opera asks for my keychain password on macOS – what do I do? Opera 53 has a new signing certificate Share May 30th, 2018 Hello, We would like to let you know that we have updated our software signing certificate from Opera Software ASA to Opera Software AS. This is why your macOS is aski...

Ionic Team Cordova plugin iOS Keychain Information Disclosure Vulnerability

Ionic Team Cordova plugin iOS Keychain is an open source Cordova mobile application development platform plugin for iOS password manager. Ionic Team Cordova plugin iOS Keychain commit 18233ca25dfa92cca018b9c0935f43f78fd77fbf An information disclosure vulnerability exists in the CDVKeychain.m file...

Information Disclosure Through Log Files

cordova-plugin-ios-keychain is vulnerable to information disclosure through log files. The vulnerability exists as the plugin logs sensitive information in plaintext, allowing attackers to obtain them...

Information disclosure

Ionic Team Cordova plugin iOS Keychain version before commit 18233ca25dfa92cca018b9c0935f43f78fd77fbf contains an Information Exposure Through Log Files CWE-532 vulnerability in CDVKeychain.m that can result in login, password and other sensitive data leakage. This attack appear to be exploitable...

CVE-2018-1000123

Ionic Team Cordova plugin iOS Keychain version before commit 18233ca25dfa92cca018b9c0935f43f78fd77fbf contains an Information Exposure Through Log Files CWE-532 vulnerability in CDVKeychain.m that can result in login, password and other sensitive data leakage. This attack appear to be exploitable...

CVE-2018-1000123

The vulnerability CVE-2018-1000123 affects the Ionic Cordova plugin for iOS Keychain, specifically the CDVKeychain.m file in versions before commit 18233ca25dfa92cca018b9c0935f43f78fd77fbf. It describes an Information Exposure Through Log Files (CWE-532) that can leak login credentials and other ...

CVE-2017-17300

Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00, V200R009C00, S6700 V200R008C00, V200R009C00, S7700 V200R008C00, V200R009C00, S9700 V200R008C00, V200R009C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specific TCP messages with keychain...

CVE-2017-17300

Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00, V200R009C00, S6700 V200R008C00, V200R009C00, S7700 V200R008C00, V200R009C00, S9700 V200R008C00, V200R009C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specific TCP messages with keychain...

CVE-2017-17300

The CVE-2017-17300 entry describes a numeric errors vulnerability affecting Huawei routing switches, including S12700, S5700, S6700, S7700, and S9700 series (V200R00xC00). An unauthenticated, remote attacker can send specially crafted TCP messages with the keychain authentication option; improper...

Numerical Calculation Error Vulnerability in Multiple Huawei Router Products

Huawei S12700 and others are intelligent routing switches from Huawei China. A numeric miscalculation vulnerability exists in several Huawei router products, which stems from the program failing to adequately validate messages. The vulnerability can be exploited to cause a reset of the affected...

Security Advisory - Numeric Errors Vulnerability in Some Huawei Routers

Some Huawei routers have a numeric errors vulnerability. An unauthenticated, remote attacker may send specific TCP messages with keychain authentication option to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages...

Sera 1.2 - Local root Privilege Escalation / Password Disclosure Exploit

Exploit for macOS platform in category local exploits Sera is a free app for mac and iOS that lets you unlock your mac automatically when your iphone is within a configured proximity. Unfortunately to facilitate this it stores the users login password in their home directory at:...

Sera 1.2 - Local Privilege Escalation / Password Disclosure

Sera is a free app for mac and iOS that lets you unlock your mac automatically when your iphone is within a configured proximity. Unfortunately to facilitate this it stores the users login password in their home directory at: /Library/Preferences/no.ignitum.SeraOSX.plist This makes root privilege...

Sera 1.2 - Local Privilege Escalation Password Disclosure

Sera 1.2 - Local Privilege Escalation Password Disclosure Sera is a free app for mac and iOS that lets you unlock your mac automatically when your iphone is within a configured proximity. Unfortunately to facilitate this it stores the users login password in their home directory at:...

Sera 1.2 Local Root / Password Disclosure Exploit

Sera version 1.2 suffers from a password disclosure that can allow for root privilege escalation. Sera is a free app for mac and iOS that lets you unlock your mac automatically when your iphone is within a configured proximity. Unfortunately to facilitate this it stores the users login password i...

Sera Information Disclosure Vulnerability

Sera is an app for Mac and iOS that lets you automatically unlock your Mac when your own iPhone is within configured proximity. An information disclosure vulnerability exists in Sera 1.2. The vulnerability arises because Sera stores a user's login password in plain text in its home directory. A...

Sera 1.2 Local Root / Password Disclosure

Sera is a free app for mac and iOS that lets you unlock your mac automatically when your iphone is within a configured proximity. Unfortunately to facilitate this it stores the users login password in their home directory at: /Library/Preferences/no.ignitum.SeraOSX.plist This makes root privilege...

CVE-2017-15918

Sera 1.2 stores the user's login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks...

CVE-2017-7146

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Security" component. It allows attackers to track users across installs via a crafted app that leverages Keychain data mishandling...