1204 matches found
Information disclosure
Cloud Foundry Bits Service, versions prior to 2.18.0, includes an information disclosure vulnerability. A remote malicious user may execute a timing attack to brute-force the signing key, allowing them complete read and write access to the the Bits Service storage...
CVE-2018-15800
CVE-2018-15800 affects Cloud Foundry Bits Service prior to version 2.18.0. The vulnerability is an information disclosure where a remote attacker can perform a timing attack to brute-force the signing key, yielding complete read and write access to the Bits Service storage. The root cause is a ti...
CVE-2018-15800 Timing attack allows extraction of signing key in Bits Service
Cloud Foundry Bits Service, versions prior to 2.18.0, includes an information disclosure vulnerability. A remote malicious user may execute a timing attack to brute-force the signing key, allowing them complete read and write access to the the Bits Service storage...
CVE-2018-15800: Timing attack allows extraction of signing key in Bits Service | Cloud Foundry
Severity High Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions Bits Service release versions prior to 2.18.0 Description Cloud Foundry Bits Service, versions prior to 2.18.0, includes an information disclosure vulnerability. A remote malicious user may execute a timing...
PT-2018-2597 · Libcaca +2 · Libcaca +2
Name of the Vulnerable Software and Affected Versions: libcaca version 0.99.beta19 Description: The issue is related to an integer overflow in the load image function, located in common-image.c, which can lead to an illegal WRITE memory access, particularly for 4bpp data. This can potentially all...
CVE-2018-15796
Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may obtain a signed URL and extract the signing key, allowing them complete read and write access to the the Bits Service storage...
CVE-2018-15796
Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may obtain a signed URL and extract the signing key, allowing them complete read and write access to the the Bits Service storage...
Code injection
Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may obtain a signed URL and extract the signing key, allowing them complete read and write access to the the Bits Service storage...
CVE-2018-15796
The CVE-2018-15796 vulnerability affects Cloud Foundry Bits Service releases prior to 2.14.0, where an insecure hashing algorithm signs URLs. A remote attacker could obtain a signed URL and extract the signing key, gaining complete read/write access to the Bits Service storage. Mitigation: upgrad...
CVE-2018-15796 Signing Key Extraction in Bits Service Release
Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may obtain a signed URL and extract the signing key, allowing them complete read and write access to the the Bits Service storage...
CVE-2018-15796: Signing Key Extraction in Bits Service | Cloud Foundry
Severity High Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions You are using bits-service-release versions prior to 2.14.0 Description Cloud Foundry Bits Service, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may...
openSUSE: Security Advisory for libvirt (openSUSE-SU-2018:1621-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
VLC Media Player - MKV Use-After-Free Exploit
Exploit for windows platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VLC Media Player MKV Use After Free', 'Description' = %q This module exploits a use after...
VLC Media Player 2.2.8 MKV Use-After-Free
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VLC Media Player MKV Use After Free', 'Description' = %q This module exploits a use after free vulnerability in VideoLAN VLC = MSFLICENSE, 'Autho...
VLC Media Player 2.2.8 MKV Use-After-Free Exploit
This Metasploit module exploits a use-after-free vulnerability in VideoLAN VLC versions 2.2.8 and below. The vulnerability exists in the parsing of MKV files and affects both 32 bits and 64 bits. In order to exploit this, this module will generate two files: The first .mkv file contains the main...
CVE-2017-15423
Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512password by inspecting protocol traffic...
openSUSE Security Update : libvirt (openSUSE-2018-860) (Spectre)
This update for libvirt fixes the following issues : Security issue fixed : - CVE-2018-3639: Add support for 'ssbd' and 'virt-ssbd' CPUID feature bits to address V4 Speculative Store Bypass aka 'Memory Disambiguation' bsc1092885. Bug fixes : - bsc1094325: Enable virsh blockresize for XEN guests...
VLC Media Player MKV Use After Free
This module exploits a use after free vulnerability in VideoLAN VLC = 'VLC Media Player MKV Use After Free', 'Description' = %q This module exploits a use after free vulnerability in VideoLAN VLC = 2.2.8. The vulnerability exists in the parsing of MKV files and affects both 32 bits and 64 bits. I...
openssl: Carry propagating bug in Montgomery multiplication
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is...
DEBIAN-CVE-2018-13303
In FFmpeg 4.0.1, a missing check for failure of a call to initgetbits8 in the avprivac3parseheader function in libavcodec/ac3parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service...