Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2731)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2022-5616 · Microsoft · Windows Cryptoapi +1

Name of the Vulnerable Software and Affected Versions: Windows CryptoAPI affected versions not specified Description: The issue is related to a spoofing vulnerability in the Windows CryptoAPI, which can be exploited to bypass authentication. This vulnerability allows an attacker to conduct spoofi...

Microsoft Windows CryptoAPI 安全漏洞

Microsoft Windows CryptoAPI is a cryptographic compiler added to the Windows operating system by Microsoft Corporation. As an important foundation for data encryption and decryption functions, CryptoAPI supports synchronous and asynchronous key encryption processing, as well as the management of...

PT-2021-1613 · Microsoft · Windows Cryptoapi +1

Name of the Vulnerable Software and Affected Versions: Windows CryptoAPI affected versions not specified Description: The issue is related to insufficient input validation in the Windows CryptoAPI interface of Windows operating systems. This can be exploited by a remote attacker to cause a denial...

Microsoft Windows CryptoAPI Security Vulnerability

Microsoft Windows CryptoAPI is a cryptographic compiler added to the Windows operating system by Microsoft. CryptoAPI supports synchronous and asynchronous key encryption, as well as the management of digital certificates in the operating system, as the basis for data encryption and decryption. A...

Exploit for Improper Certificate Validation in Microsoft

CVE-2020-0601 PoC for CVE-2020-0601 – Windows CryptoAPI Cry...

CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability | Cloud Foundry

Severity High Vendor Microsoft Corporation Description A spoofing vulnerability exists in the way Windows CryptoAPI Crypt32.dll validates Elliptic Curve Cryptography ECC certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious...

KLA11720 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in speech recognizer can be exploited to...

Microsoft Windows CryptoAPI Spoofing Vulnerability

Microsoft Windows is a Windows operating system released by Microsoft Corporation in the U.S. Microsoft CryptoAPI is a Windows Security Services API provided by Microsoft to developers for cryptographic applications to encrypt, decrypt, sign, and verify data. A spoofing vulnerability exists in...

KLA11647 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in speech recognizer can be...

Spoofing

A spoofing vulnerability exists in the way Windows CryptoAPI Crypt32.dll validates Elliptic Curve Cryptography ECC certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted,...

CVE-2020-0601

A spoofing vulnerability exists in the way Windows CryptoAPI Crypt32.dll validates Elliptic Curve Cryptography ECC certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted,...

CVE-2020-0601

The CVE-2020-0601 issue affects Windows CryptoAPI (Crypt32.dll) and its ECC certificate validation, enabling a spoofing attack where a forged code-signing certificate could make malware appear trusted. Affected platforms include Windows 10 and Windows Server 2016/2019, with the vulnerability tied...

CVE-2020-0601, aka NSACrypt

A spoofing vulnerability exists in the way Windows CryptoAPI Crypt32.dll validates Elliptic Curve Cryptography ECC certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted,...

Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service

Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service There's a bug in the SymCrypt multi-precision arithmetic routines that can cause an infinite loop when calculating the modular inverse on specific bit patterns with bcryptprimitives!SymCryptFdefModInvGeneric. I've...

Microsoft CryptoAPI Object Identifiers Integer Overflow (MS09-056) - Ver2 (CVE-2009-2511)

The CryptoAPI provide services that enable application developers to add encryption/decryption of data, authentication using digital certificates, and encoding to and decoding from Abstract Syntax Notation One ASN.1 to their Windows-based applications. A spoofing vulnerability has been reported i...

Microsoft Cleans Up Bugs After Biggest Patch Release

After releasing its largest-ever group of security patches two weeks ago, Microsoft has done a little cleaning up. Over the past few days, the company has re-released two security updates and issued a workaround for a Windows CryptoAPI patch that caused Microsoft’s own instant-messaging server to...