25 matches found
EUVD-2020-5002
Malware in sbrugna...
EUVD-2006-2709
Malware in sbrugna...
EUVD-2017-12591
Malware in sbrugna...
EUVD-2001-0361
Malware in sbrugna...
CVE-2024-41262
mmudb v1.9.3 was discovered to use the HTTP protocol in the ShowMetricsRaw and ShowMetricsAsText functions, possibly allowing attackers to intercept communications via a man-in-the-middle attack...
CVE-2020-9491
In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and load balanced...
CVE-2011-1652
The default configuration of Microsoft Windows 7 immediately prefers a new IPv6 and DHCPv6 service over a currently used IPv4 and DHCPv4 service upon receipt of an IPv6 Router Advertisement RA, and does not provide an option to ignore an unexpected RA, which allows remote attackers to conduct...
The Signal Chat Leak and the NSA
US National Security Advisor Mike Waltz, who started the now-infamous group chat coordinating a US attack against the Yemen-based Houthis on March 15, is seemingly now suggesting that the secure messaging service Signal has security vulnerabilities. "I didn't see this loser in the group," Waltz...
CVE-2024-54848
CVE-2024-54848 affects CP Plus CP-VNR-3104 (model B3223P22C02424). The CP-VNR-3104 firmware is reported to mishandle and store certificates, enabling attackers to decrypt traffic or perform man-in-the-middle attacks. CVSSv3.1 base score is 7.4 (High) with Network attack vector, high attack comple...
TikTok ordered to close Canada offices following “national security review”
The Government of Canada ordered the TikTok Technology Canada Inc. to close its offices in the country following a national security review. This decision was made in accordance with the Investment Canada Act, which allows for the review of foreign investments that may be injurious to Canada’s...
Superusers Need Super Protection: How to Bridge Privileged Access Management and Identity Management
Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than blocking access with firewalls. On top of that, most cybersecurity risks are caused by just a few superusers – typically one ou...
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) Resource Management Error Vulnerability (CNVD-2021-08549)
Trend Micro InterScan Messaging Security Virtual Appliance IMSVA is an appliance for securing communications from Trend Micro. Trend Micro InterScan Messaging Security Virtual Appliance IMSVA is vulnerable to a resource management error. No details of the vulnerability are available at this time...
Canada’s Spy Agency Releases its Cyber-Defense Tool for Public
By Uzair Amir The Communications Security Establishment CSE, Canada’s main signals intelligence agency, This is a post from HackRead.com Read the original post: Canada’s Spy Agency Releases its Cyber-Defense Tool for Public...
CVE-2017-3470
Vulnerability in the Oracle Communications Security Gateway component of Oracle Communications Applications subcomponent: Network. The supported version that is affected is 3.0.0. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via ICMP Ping to compromise...
CVE-2017-3470
Vulnerability in the Oracle Communications Security Gateway component of Oracle Communications Applications subcomponent: Network. The supported version that is affected is 3.0.0. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via ICMP Ping to compromise...
CVE-2017-3470
Vulnerability in the Oracle Communications Security Gateway component of Oracle Communications Applications subcomponent: Network. The supported version that is affected is 3.0.0. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via ICMP Ping to compromise...
SSH Tectia Client and Server ssh-signer local privilege escalation
Overview The SSH Communications Security Tectia Client and Server products are vulnerable to privilege escalation, which may allow a local user to gain root access. Description The SSH Tectia Client and Server products contain an unspecified privilege escalation vulnerability in ssh-signer. A loc...
SSH Communications Security's Secure Shell Server: SFTP privilege escalation
Background The SSH Secure Shell Server from SSH Communications Security www.ssh.com is a commercial SSH implementation available free for non-commercial use. Description The SSH Secure Shell Server contains a format string vulnerability in the SFTP code that handles file transfers scp2 and sftp2...
intel-race.txt
Title: Intel 2200BG 802.11 Beacon frame Kernel Memory Corruption Description: The intel wireless mini-pci driver provided with Intel 2200BG cards is vulnerable to a remote race condition memory corruption flaw. Malformed beacons frame can be used to corrupt internal kernel structures,leading to...
Intel 2200BG 802.11 - Beacon frame Kernel Memory Corruption
Intel 2200BG 802.11 - Beacon frame Kernel Memory Corruption / Summary: The intel wireless mini-pci driver provided with Intel 2200BG cards is vulnerable to a remote race condition memory corruption flaw. Malformed beacons frame can be used to corrupt internal kernel structures,leading to arbitrar...