985 matches found
CVE-2015-0837
The mpipowm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."...
POC-T
This is a Python-based penetration testing framework called POC-T. It is a concurrent framework that allows users to perform various types of attacks, including vulnerability verification, file upload, weak password cracking, and more. The framework has a modular design, with each module...
Ubuntu 16.04 LTS : Linux kernel vulnerability (USN-4186-3)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4186-3 advisory. USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer check was...
yum security, bug fix, and enhancement update
createrepoc 0.11.0-3 - Backport patch to switch off timestamps on documentation in order to remove file conflicts RhBug:1738788 0.11.0-2 - Consistently produce valid URLs by prepending protocol. RhBug:1632121 - modifyrepoc: Prevent doubling of compression test.gz.gz RhBug:1639287 - Correct pkg...
USN-4185-2: Linux kernel (Azure) vulnerabilities
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4186-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4186-1 advisory. Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp,...
[SECURITY] Fedora 31 Update: unbound-1.9.4-1.fc31
Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...
HomePwn - Swiss Army Knife for Pentesting of IoT Devices
HomePwn is a framework that provides features to audit and pentesting devices that company employees can use in their day-to-day work and inside the same working environment. It is designed to find devices in the home or office, take advantage of certain vulnerabilities to read or send data to...
Security Bulletin: A vulnerability in Open Source Botan affects IBM Netezza Platform Software clients (CVE-2016-2849).
Summary Open Source Botan is used by IBM Netezza Platform Software . IBM Netezza Platform Software has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2016-2849 DESCRIPTION: Botan could allow a remote attacker to obtain sensitive information, caused by the failure to use a...
Sophisticated Spy Kit Targets Russians with Rare GSM Plugin
A sophisticated cyberespionage platform called Attor has come to light, sporting an unusual capability for fingerprinting mobile devices as part of its attacks on government and diplomatic victims. According to researchers at ESET, Attor, which has flown under the radar since at least 2013, also...
Maryam - Open-source intelligence (OSINT) Framework
Maryam is a full-featured open-source intelligenceOSINT framework written in Python. Complete with independent modules, built in functions, interactive help, and command completion, provides a command-line environment for used forensic and open-source intelligenceOSINT. Maryam is a completely...
Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service
Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service There's a bug in the SymCrypt multi-precision arithmetic routines that can cause an infinite loop when calculating the modular inverse on specific bit patterns with bcryptprimitives!SymCryptFdefModInvGeneric. I've...
Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service
There's a bug in the SymCrypt multi-precision arithmetic routines that can cause an infinite loop when calculating the modular inverse on specific bit patterns with bcryptprimitives!SymCryptFdefModInvGeneric. I've been able to construct an X.509 certificate that triggers the bug. I've found that...
ArmourBird CSF - Container Security Framework
ArmourBird CSF - Container Security Framework is an extensible, modular, API-first framework build for regular security monitoring of docker installations and containers against CIS and other custom security checks. ArmourBird CSF has a client-server architecture and is thus divided into two...
Siemens SCALANCE XM408-4C Managed Modular IE Switch
Binary data 765086.prm...
Siemens SCALANCE XM408-4C Managed Modular IE Switch
Binary data 765085.prm...
Siemens SCALANCE XM416-4C Managed Modular IE Switch
Binary data 765089.prm...
Siemens SCALANCE XM416-4C Managed Modular IE Switch
Binary data 765088.prm...
Siemens SCALANCE XM408-8C Managed Modular IE Switch
Binary data 765087.prm...
Siemens SCALANCE XM408-8C Managed Modular IE Switch
Binary data 765084.prm...