
370 matches found

RedHat Linux
added 2020/09/29 8:15 p.m. · 3 views

freerdp: out-of-bounds read in ntlm_read_AuthenticateMessage

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0...

CVSS 5.5 · AI score 5.7 · EPSS 0.0019
Exploits 0 · References 4
NVD
added 2020/09/14 2:15 p.m. · 11 views

CVE-2020-12789

The Secure Monitor in Microchip Atmel ATSAMA5 products uses a hardcoded key to encrypt and authenticate secure applets...

CVSS 7.5 · EPSS 0.0028
Exploits 0 · References 1
CNVD
added 2020/09/10 12:00 a.m. · 28 views

Microsoft Windows/Windows Server Denial of Service Vulnerability (CNVD-2021-66068)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. A denial of service vulnerability exists in Microsoft Windows/Windows Server, which...

CVSS 6.5 · AI score 7 · EPSS 0.11148
Exploits 0 · References 1
GithubExploit
added 2020/06/04 4:06 p.m. · 60 views

Exploit for Path Traversal in Bludit

CVE-2019-16113 CVE-2019-16113 - bludit = 3...

CVSS 8.8 · AI score 0.4 · EPSS 0.88964
Exploits 16
CNVD
added 2020/06/01 12:00 a.m. · 2 views

FreeRDP Buffer Overflow Vulnerability (CNVD-2020-31438)

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. A buffer overflow vulnerability exists in ntlm_read_AuthenticateMessage in FreeRDP 2.0.0 and prior versions. The vulnerability stems from a networked system or product performing operations in memory...

CVSS 5.5 · AI score 9.8 · EPSS 0.0019
Exploits 0 · References 1
OSV
added 2020/05/29 8:15 p.m. · 1 views

DEBIAN-CVE-2020-11087

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0...

CVSS 5.5 · AI score 6.9 · EPSS 0.0019
Exploits 0 · References 1
Tenable Nessus
added 2020/05/11 12:00 a.m. · 24 views

IBM WebSphere Application Server 9.0.0.0 < 9.0.0.9 Information Disclosure (CVE-2018-1957)

The IBM WebSphere Application Server running on the remote host is version 9.0.0.0 through 9.0.0.9 prior to 9.0.0.10. It is, therefore, affected by an information disclosure vulnerability. The vulnerability exists in IBM WebSphere Application Server due to mishandling of data by the application...

CVSS 5.5 · AI score 6.1 · EPSS 0.00066
Exploits 0 · References 3
Positive Technologies
added 2020/05/10 12:00 a.m. · 3 views

PT-2020-12544 · Freerdp +6

Name of the Vulnerable Software and Affected Versions: FreeRDP versions 2.0.0 and earlier. Description: The issue is related to an out-of-bound read in the ntlm_read_AuthenticateMessage function. This has been fixed in version 2.1.0. Recommendations: For FreeRDP versions 2.0.0 and earlier, update ...

CVSS 9.8 · AI score 6.6 · EPSS 0.90997
Exploits 42 · References 395
NVD
added 2020/04/14 8:15 p.m. · 8 views

CVE-2020-11723

Cellebrite UFED 5.0 through 7.29 uses four hardcoded RSA private keys to authenticate to the ADB daemon on target devices. Extracted keys can be used to place evidence onto target devices when performing a forensic extraction...

CVSS 5.5 · AI score 5.5 · EPSS 0.00111
Exploits 3 · References 2
CNVD
added 2019/09/18 12:00 a.m. · 1 views

Intel Authenticate Elevation of Privilege Vulnerability

Intel Authenticate is a set of multi-factor authentication software from the U.S. company Intel. An elevation of privilege vulnerability exists in the software installer in versions prior to Intel Authenticate 3.8. A local attacker could exploit this vulnerability to gain elevation of...

CVSS 6.7 · AI score 7.1 · EPSS 0.00042
Exploits 0 · References 1
BDU FSTEC
added 2019/09/05 12:00 a.m. · 2 views

The vulnerability of the Intel(R) Authenticate software installation mechanism allows a perpetrator to gain increased privileges.

The vulnerability of the Intel(R) Authenticate software installation mechanism is related to permission processing errors. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 6.3 · AI score 5.5 · EPSS 0.00042
Exploits 0 · References 2 · Affected Software 1
OSV
added 2019/08/19 5:15 p.m. · 1 views

CVE-2019-11143

Improper permissions in the software installer for Intel(R) Authenticate before 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVSS 6.7 · AI score 6.7 · EPSS 0.00042
Exploits 0 · References 1
NVD
added 2019/08/19 5:15 p.m. · 10 views

CVE-2019-11143

Improper permissions in the software installer for Intel(R) Authenticate before 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVSS 6.7 · AI score 6.8 · EPSS 0.00042
Exploits 0 · References 1
Prion
added 2019/08/19 5:15 p.m. · 17 views

Input validation

Improper permissions in the software installer for Intel(R) Authenticate before 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVSS 4.6 · AI score 6.8 · EPSS 0.00042
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2019/08/19 4:13 p.m. · 12 views

CVE-2019-11143

Improper permissions in the software installer for Intel(R) Authenticate before 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access...

AI score 6.8 · EPSS 0.00042
Exploits 0 · References 1
CVE
added 2019/08/19 4:13 p.m. · 75 views

CVE-2019-11143

Summary: CVE-2019-11143 affects Intel® Authenticate prior to 3.8 due to improper permissions in the software installer, which could allow an authenticated local user to escalate privileges. Intel specifies updates to 3.8 or later as remediation. Other sources (Red Hat, CNVD, CNVD-derived listing...

CVSS 6.7 · AI score 6.7 · EPSS 0.00042
Exploits 0 · References 1 · Affected Software 1
Tenable Nessus
added 2019/08/12 12:00 a.m. · 44 views

RHEL 7 : libssh2 (RHSA-2019:2399)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2399 advisory. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fixes: libssh2: Integer overflow in transport read...

CVSS 9.3 · AI score 7.3 · EPSS 0.16241
Exploits 0 · References 10
Tenable Nessus
added 2019/07/03 12:00 a.m. · 26 views

Scientific Linux Security Update : libssh2 on SL6.x i386/x86_64 (20190702)

Security Fixes : - libssh2: Integer overflow in transport read resulting in out of bounds write CVE-2019-3855 - libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write CVE-2019-3856 - libssh2: Integer overflow in SSH packet processing channel resulting in out o...

CVSS 9.3 · AI score 7 · EPSS 0.16241
Exploits 0 · References 5
OSV
added 2019/06/03 9:29 p.m. · 1 views

CVE-2019-11367

An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic Authentication and provides the account and password in the WWW-Authenticate attribute. By using this account and password, anyone can log in successfully...

CVSS 9.8 · AI score 7.3 · EPSS 0.03533
Exploits 5 · References 3
OSV
added 2019/05/23 3:30 p.m. · 0 views

UBUNTU-CVE-2019-12300

Buildbot before 1.8.2 and 2.x before 2.3.1 accepts a user-submitted authorization token from OAuth and uses it to authenticate a user. If an attacker has a token allowing them to read the user details of a victim, they can log in as the victim...

CVSS 9.8 · AI score 7.3 · EPSS 0.00471
Exploits 0 · References 3