985 matches found
The vulnerability of the BN_mod_exp function (crypto/bn/asm/x86_64-mont5.pl) in the OpenSSL library, which allows a perpetrator to gain unauthorized access to confidential data
The vulnerability of the BNmodexp function crypto/bn/asm/x8664-mont5.pl in the OpenSSL library is related to the lack of protection for service data. Exploiting this vulnerability could allow a remote attacker to gain unauthorized access to confidential data...
DEBIAN-CVE-2020-11735
The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak."...
UBUNTU-CVE-2020-11735
The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak."...
InvisiMole Hackers Target High-Profile Military and Diplomatic Entities
Cybersecurity researchers today uncovered the modus operandi of an elusive threat group that hacks into the high-profile military and diplomatic entities in Eastern Europe for espionage. The findings are part of a collaborative analysis by cybersecurity firm ESET and the impacted firms, resulting...
EulerOS 2.0 SP2 : libgcrypt (EulerOS-SA-2020-1672)
According to the versions of the libgcrypt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proxima...
Fsociety - A Modular Penetration Testing Framework
Install pip install fsociety Update pip install --upgrade fsociety Usage usage: fsociety -h -i -s A Penetration Testing Framework optional arguments: -h, --help show this help message and exit -i, --info gets fsociety info -s, --suggest suggest a tool Develop git clone...
Fedora: Security Advisory for unbound (FEDORA-2020-8e9b62948e)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
FinalRecon - The Last Web Recon Tool You'll Need
FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new modules can be added with ease. Featured NullByte https://null-byte.wonderhowto.com/how-to/conduct-recon-web-target-with-python-tools-0198114/...
Low: irssi security update
Irssi is a modular IRC client with Perl scripting. Security Fixes: irssi: use after free when sending SASL login to server CVE-2019-13045 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed i...
Nullscan - A Modular Framework Designed To Chain And Automate Security Tests
A modular framework designed to chain and automate security tests. It parses target definitions from the command line and runs corresponding modules and their nullscan-tools afterwards. It can also take hosts and start nmap first in order to perform a basic portscan and run the modules afterwards...
Intel Modular Server MFS2600KISPP Compute Module Buffer Overflow Vulnerability
Intel Modular Server MFS2600KISPP Compute Module is a computing module from Intel Corporation USA. A buffer error vulnerability exists in the Intel Modular Server MFS2600KISPP Compute Module. A remote attacker could exploit this vulnerability to cause a denial of service via a specially crafted...
Intel Modular Server MFS2600KISPP Compute Module elevation of privilege vulnerability (CNVD-2020-28230)
Intel Modular Server MFS2600KISPP Compute Module is a computing module from Intel Corporation USA. A security vulnerability exists in Intel Modular Server MFS2600KISPP Compute Module, which stems from a failure of proper access control. The vulnerability can be exploited by an attacker to elevate...
Intel Modular Server MFS2600KISPP Compute Module Elevation of Privilege Vulnerability
Intel Modular Server MFS2600KISPP Compute Module is a computing module from Intel Corporation USA. A security vulnerability exists in Intel Modular Server MFS2600KISPP Compute Module. An attacker in close physical proximity could exploit the vulnerability to elevate privileges...
CVE-2020-0578
Improper conditions check for IntelR Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access...
CVE-2020-0577
Insufficient control flow for IntelR Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access...
CVE-2020-0576
Buffer overflow in IntelR Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable denial of service via adjacent access...
Buffer overflow
Buffer overflow in IntelR Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable denial of service via adjacent access...
Input validation
Improper conditions check for IntelR Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access...
Buffer overflow
Insufficient control flow for IntelR Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access...
CVE-2020-0577
Intel Modular Server MFS2600KI Compute Module is affected by CVE-2020-0577 due to insufficient control flow, allowing an unauthenticated user to potentially escalate privileges via adjacent access. The Intel advisory also covers CVE-2020-0576 and CVE-2020-0578 on the same module. The advisory sta...