9 matches found
EUVD-2020-27039
Malware in sbrugna...
PT-2024-33696 · Ibm · Ibm Security Guardium Key Lifecycle Manager
Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Key Lifecycle Manager versions 4.1, 4.1.1, 4.2.0, and 4.2.1. Description: The issue allows a remote attacker to obtain sensitive information in cleartext in a communication channel that can be detected by unauthorized...
GSD-2022-1000070 Reliance on improperly secured communications channel (Discord) in Grape Network version unknown
In Grape Network (version unknown), a reliance on an improperly secured communications channel (Discord) exists in the Discord community "announcement" channels for multiple NFTs that can be attacked via unknown resulting in access Grape Network tokens was used to send Discord server messag...
CVE-2019-1424
A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel, aka 'NetLogon Security Feature Bypass Vulnerability'...
HPSBHF03595 rev. 6 - LoJax UEFI Rootkit
Potential Security Impact: Elevation of Privilege, Information Disclosure, Loss of Confidentiality, Loss of Integrity. Source: HP, HP Product Security Response Team (PSRT). Reported by: ESET Research. Vulnerability Summary: HP has identified a potential security vulnerability with a UEFI rootkit LoJax...
(Pwn2Own) VMware Workstation Uninitialized Memory Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
IRC Daemon STARTTLS Command Support
The remote IRC daemon supports the use of the 'STARTTLS' command to switch from a cleartext to an encrypted communications channel. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(87817); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date",...
MS15-027: Vulnerability in NETLOGON Could Allow Spoofing (3002657)
The remote Windows host is affected by a spoofing vulnerability due to the Netlogon service improperly establishing a secure communications channel to a different machine with a spoofed computer name. A remote attacker, on a domain-joined system with the ability to observe network traffic, can...
NNTP Service STARTTLS Plaintext Command Injection
The remote news server contains a software flaw in its STARTTLS implementation that could allow a remote, unauthenticated attacker to inject commands during the plaintext protocol phase that will be executed during the ciphertext protocol phase. Successful exploitation could allow an attacker...