956 matches found
CVE-2022-35321
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...
The vulnerability of the display functions for hash functions of the application, as well as the export of audit logs and software for marking ballots with the ImageCast X device, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the hashing functions in software for ImageCast X labeling devices relates to changes in certification data or measurement reports. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...
Learn Cybersecurity with Palo Alto Networks Through this PCCSA Course @ 93% OFF
In the world of cybersecurity, reputation is everything. Most business owners have little understanding of the technical side, so they have to rely on credibility. Founded back in 2005, Palo Alto Networks is a cybersecurity giant that has earned the trust of the business community thanks to its...
Powertek PDU Certification Bypass Vulnerability
Powertek, a company that manufactures data center-grade intelligent PDUs (power distribution units, or heavy-duty power cords for server racks), has an authentication bypass vulnerability that can be exploited by an attacker to bypass active session authorization checks. It can then be used to gain...
CVE-2013-10001
A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used...
Design/Logic Flaw
A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used...
CVE-2013-10001 HTC One/Sense Mail Client certificate validation
A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used...
CVE-2013-10001
CVE-2013-10001 affects HTC One/Sense 4.x: the mail client’s certificate validation is flawed. An exploit has been disclosed publicly and may be used, indicating a vulnerability in how the mail client handles server credentials. No further technical details are provided in the supplied documents.
GHSA-P9WQ-MJH8-Q72M OpenStack keystonemiddleware and python-keystoneclient vulnerable to man-in-the-middle attacks
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file, regardless of the value, which allows remote attackers to conduct...
OpenStack keystonemiddleware and python-keystoneclient vulnerable to man-in-the-middle attacks
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file, regardless of the value, which allows remote attackers to conduct...
GHSA-8823-XPHR-QW9V Gentoo Portage does not verify X.509 certificates from SSL servers
The urlopen function in pym/portage/util/urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and modify binary package lists via a crafted certificate...
Why MRG-Effitas matters to SMBs
When selecting the right cybersecurity vendor to protect their operations, small- and medium-sized businesses (SMBs) can lean on several third-party research organizations that analyze which cybersecurity products can best prevent, detect, and clean up various types of cyberattacks today. But these...
Get Lifetime Access to 2022 Cybersecurity Certification Prep Courses @ 95% Off
Ever thought about working full-time in cybersecurity? With millions of unfilled jobs around, now is a great time to get into the industry. Of course, there are many different roles in this field. But all of them require the same handful of professional certifications. The 2022 Ultimate Advanced...
How Much Can CCIE Enterprise Certified Professional Make?
By Owais Sultan. Cisco CCIE Enterprise Infrastructure certificate, which is the successor of the old CCIE Routing and Switching certification, is… This is a post from HackRead.com.
CMMC – The smoke is clearing
The smoke is finally starting to clear on "CMMC 2.0." Hundreds of companies are already lining up for Cybersecurity Maturity Model Certification assessments. Everything is taking place faster and with far more urgency than most organizations have planned around or prepared for...
[SECURITY] Fedora 36 Update: openvpn-2.5.6-1.fc36
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...
[SECURITY] Fedora 34 Update: openvpn-2.5.6-1.fc34
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...
RUSTSEC-2022-0014 Infinite loop in `BN_mod_sqrt()` reachable when parsing certificates
The `BN_mod_sqrt()` function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...
Ubuntu 16.04 ESM : OpenSSL vulnerability (USN-5328-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5328-2 advisory. USN-5328-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted the...