49 matches found
CVE-2019-1630
A vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient checking of an input buffer. A...
CVE-2019-1630
Cisco CVE-2019-1630 is a denial-of-service vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC). A local, authenticated attacker can trigger a buffer overflow by supplying a crafted file, potentially inhibiting an administrator’s access to the s...
CVE-2019-1630 Cisco Integrated Management Controller Denial of Service Vulnerability
A vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient checking of an input buffer. A...
Cisco Integrated Management Controller Denial of Service Vulnerability
A vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient checking of an input buffer. A...
Code injection
In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code...
CVE-2018-5923
In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code...
CVE-2018-5923
In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code...
System x Secure Boot Vulnerability - US
Lenovo Security Advisory: LEN-20241 Potential Impact: Booting unauthenticated code Severity: High Scope of Impact: Lenovo-only CVE Identifier: CVE-2017-3775 Summary Description: Lenovo internal testing discovered some System x server BIOS/UEFI versions that, when Secure Boot mode is enabled by a...
Microsoft Windows PPL Process Injection Privilege Escalation Exploit
Exploit for windows platform in category dos / poc Windows: PPL Process Injection EoP Platform: Windows 10 1703 x64 Class: Elevation of Privilege Summary: It’s possible to inject code into a PPL protected process by hijacking COM objects leading to accessing PPL processes such as Lsa and...
VirtualBox 5.0.32 r112930 x64 - Windows Process COM Injection Privilege Escalation Exploit
Exploit for windows platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1103 VirtualBox: Windows Process COM Injection EoP Platform: VirtualBox v5.0.32 r112930 x64 Tested on Windows 10 Class: Elevation of Privilege Summary: The process hardening...
Oracle VM VirtualBox 5.0.32 r112930 (x64) - Windows Process COM Injection Privilege Escalation
Oracle VM VirtualBox 5.0.32 r112930 x64 - Windows Process COM Injection Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1103 VirtualBox: Windows Process COM Injection EoP Platform: VirtualBox v5.0.32 r112930 x64 Tested on Windows 10 Class: Elevation of...
SUSE-SU-2017:0346-1 Security update for java-1_8_0-openjdk
This update for java-1_8_0-openjdk fixes the following issues: Oracle Critical Patch Update of January 2017 (bsc#1020905). Upgrade to version jdk8u121 (icedtea 3.3.0): - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolution...
MGASA-2016-0366 This update of rpm fixes several security issues
All of those fixes were already backported in Mageia but for : - Fix out-of-bounds read on signature checking of malformed package RhBug:1373107...
This update of rpm fixes several security issues
All of those fixes were already backported in Mageia but for : - Fix out-of-bounds read on signature checking of malformed package RhBug:1373107...
By hungry cryptography misuse of the actuator to bypass the defense talking about the android cryptographic vulnerability-the vulnerability warning-the black bar safety net
Cryptography is misused in the app is a big problem, almost all apk's checksum algorithm can be simulated Hungry the algorithm robustness and concealment was good, the proposed terms is in order to prove that the signature checking mechanism of the vulnerable Although presented to the hungry, but...
OracleVM 3.3 : rpm (OVMSA-2014-0083)
The remote OracleVM system is missing necessary patches to address critical security updates : - Fix race condition where unchecked data is exposed in the file system (CVE-2013-6435, 1163059) - Fix thinko in the non-root python byte-compilation fix - Byte-compile versioned python libdirs in non-roo...
openSUSE Security Update : perl-Module-Signature (openSUSE-SU-2013:1178-1)
perl-Module-Signature was updated to 0.73, fixing bugs and security issues : Security fix for code execution in signature checking : - fix for bnc#828010 (CVE-2013-2145) - Properly redo the previous fix using File::Spec->file_name_is_absolute. - Changes for 0.72 - Wed Jun 5 23:19:02 CST 2013 - Only allo...
Design/Logic Flaw
The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a...
Important: Red Hat Security Advisory: python-keystoneclient security, bug fix, and enhancement update
Updated python-keystoneclient packages that fix two security issues, one bug, and add one enhancement are now available for Red Hat OpenStack 3.0 Grizzly Preview. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CV...
Candlepin: Re-enable manifest signature checking
Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests...