956 matches found
CVE-2018-9234
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey...
CVE-2018-9234
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey...
DEBIAN-CVE-2018-9234
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey...
CVE-2018-9234
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey...
CVE-2018-9234
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey...
CVE-2018-9234
CVE-2018-9234 : GnuPG 2.2.4 and 2.2.5 are affected. The issue is a failure to enforce a config where key certification requires an offline master Certify key, allowing certifications that only used a signing subkey to appear valid. This description comes from the provided documents which state th...
CVE-2018-9234
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey...
UBUNTU-CVE-2018-9234
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey...
CVE-2017-4130
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none...
CVE-2017-4108
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none...
CVE-2017-4066
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none...
CVE-2017-4035
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none...
monsterindia.com XSS vulnerability
Open Bug Bounty ID: OBB-568252 Description| Value ---|--- Affected Website:| monsterindia.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Cybersecurity Certification Courses – CISA, CISM, CISSP
The year 2017 saw some of the biggest cybersecurity incidents—from high profile data breaches in Equifax and Uber impacting millions of users to thousands of businesses and millions of customers being affected by the global ransomware threats like WannaCry and NotPetya. The year ended, but it did...
Design/Logic Flaw
Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software" Ver3.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-10893
Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software" Ver3.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-10893
Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software" Ver3.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
Good News from Singapore
The IETF had its 100th meeting the week of November 13. It was held in Singapore. I want to report on two pieces of good news. The first is that it seems like TLS 1.3 is ready to advance through the IETF process. As I wrote last month, the problem was that outdated or buggy network devices betwee...
J-LIS The Public Certification Service for Individuals "The JPKI user's software" Untrusted Search Path Vulnerability
J-LIS The Public Certification Service for Individuals "The JPKI user's software" is a set of public certification service software for individuals based on the PKI Public Key Infrastructure platform from Japan Agency for Local Authority Information Systems J-LIS. The JPKI user's software" is a...
The installer of The Public Certification Service for Individuals "The JPKI user's software" may insecurely load Dynamic Link Libraries
Overview The installer of The Public Certification Service for Individuals "The JPKI user's software" provided by Japan Agency for Local Authority Information Systems J-LIS contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Note that...