5806 matches found
DEBIAN-CVE-2018-12020
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represen...
ALPINE-CVE-2018-12020
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represen...
CVE-2018-12020
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represen...
CVE-2018-12020
GnuPG is affected by CVE-2018-12020: before version 2.2.8, the program mishandles the original filename during decryption/verification, allowing a remote attacker to spoof status output sent to file descriptor 2 via --status-fd 2. This can cause applications that parse status messages to misinter...
CVE-2018-12020
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represen...
CVE-2018-12020
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represen...
Malware analysis: decoding Emotet, part 2
In part two of our series on decoding Emotet, you can catch up on part 1 here, we'll cover analysis of the PowerShell code. Before we do that, however, it is a good idea to list some of the functions and calls that are used in the code for the execution. System.Runtime.InteropServices.Marshal: us...
CVE-2016-1000345
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding...
Information Disclosure Vulnerability in Multiple IBM Products (CNVD-2018-111113)
IBM SAN Volume Controller SVC and others are storage systems from IBM in the U.S. IBM SVC is a virtualized storage system; Storwize is a disk storage system customized for small and medium-sized businesses; Spectrum Virtualize is a spectral storage system; FlashSystem is an all-flash storage...
CVE-2018-1466
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1 use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive...
CVE-2018-1466
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1 use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive...
CVE-2018-1466
CVE-2018-1466 affects IBM SAN Volume Controller, Storwize, Spectrum Virtualize and FlashSystem family. The connected IBM security bulletins/entries confirm the vulnerability arises from weaker than expected cryptographic algorithms used by these products, exposing the possibility to decrypt highl...
OpenPGP and S/MIME eFail Information Disclosure
An information disclosure vulnerability exists in OpenPGP and S/MIME. Successful exploitation would allow the attacker to decrypt the traffic and obtain or modify sensitive information...
Critical Flaws in PGP and S/MIME Tools Can Reveal Encrypted Emails in Plaintext
Note—the technical details of the vulnerabilities introduced in this article has now been released, so you should also read our latest article to learn how the eFail attack works and what users can do to prevent themselves. An important warning for people using widely used email encryption...
First-Ever Ransomware Found Using 'Process Doppelgänging' Attack to Evade Detection
Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new fileless code injection technique that could help malware evade detection. The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated...
CVE-2017-1255
IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 124675...
CVE-2017-1255
IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 124675...
Auth tag forgery vulnerability with AES-GCM encrypted JWT
Ruby's OpenSSL bindings do not check the length of the supplied authentication tag when decrypting an authenticated encryption mode such as AES-GCM, leaving this up to the authors of a gem/app to implement for properly validating the message. json-jwt was not checking for the authentication tag...
Memory corruption
IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote attackers to decrypt passwords by leveraging access to the hashes. IBM X-Force ID: 88309...
CVE-2013-5461
IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote attackers to decrypt passwords by leveraging access to the hashes. IBM X-Force ID: 88309...