EUVD-2018-11832

Malware in sbrugna...

CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability | Cloud Foundry

Severity High Vendor Microsoft Corporation Description A spoofing vulnerability exists in the way Windows CryptoAPI Crypt32.dll validates Elliptic Curve Cryptography ECC certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious...

CVE-2018-1276

Windows 2012R2 stemcells, versions prior to 1200.17, contain an information exposure vulnerability on vSphere. A remote user with the ability to push apps can execute crafted commands to read the IaaS metadata from the VM, which may contain BOSH credentials...

Cloud Foundry Windows Stemcells Information Disclosure Vulnerability

Cloud Foundry Windows Stemcells are a set of specially crafted operating system images that contain the file systems of BOSH-managed virtual machines. A security vulnerability exists in Cloud Foundry Windows Stemcells versions prior to 1200.14. An attacker could exploit the vulnerability to obtai...

CVE-2018-1197

In Windows Stemcells versions prior to 1200.14, apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access to gain privileged credentials...

CVE-2018-1197

The CVE affects Cloud Foundry Windows Stemcells prior to 1200.14. In these versions, apps running inside containers on Windows in Google Cloud Platform could access the GCP metadata endpoint, enabling a malicious developer to obtain privileged credentials. Root cause: exposure of the metadata end...

CVE-2018-1197

In Windows Stemcells versions prior to 1200.14, apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access to gain privileged credentials...