CVE-2019-6481

CVE-2019-6481 affects Abine Blur 7.8.2431 via the Affected Chrome Plugin component, enabling a remote attacker to bypass second‑factor authentication by using a right‑click sequence to access a forgotten dev menu to insert user passwords that would normally require MFA approval. This mirrors the ...

[SECURITY] [DLA 1696-1] ceph security update

Package : ceph Version : 0.80.7-2+deb8u3 CVE ID : CVE-2018-14662 CVE-2018-16846 Debian Bug : 921948 921947 Several vulnerabilities were discovered in Ceph, a distributed storage and file system. CVE-2018-14662 It was found that authenticated ceph users with read only permissions could steal...

Red Hat Ceph Unauthorized Access Vulnerability

Red Hat Ceph is a Linux petabyte-level distributed file system from Red Hat. The main goal of the system is to be designed as a distributed file system based on POSIX Portable Operating System Interface without a single point of failure, so that data can be fault-tolerant and seamless replication...

DEBIAN-CVE-2018-14662

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption...

Code injection

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption...

CVE-2018-14662

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption...

UBUNTU-CVE-2018-14662

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption...

CVE-2018-14662

It was found that authenticated ceph user with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption...

PT-2019-4929 · Ceph +3 · Ceph +3

Name of the Vulnerable Software and Affected Versions: Ceph versions prior to 13.2.4 Description: The issue is related to an authorization procedure error in the Ceph storage system. This error can be exploited by a remote attacker to gain unauthorized access to dm-crypt encryption keys used in...

CVE-2018-12038

An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key...

Command injection

An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key...

CVE-2018-12037

An issue was discovered on Samsung 840 EVO and 850 EVO devices only in "ATA high" mode, not vulnerable in "TCG" or "ATA max" mode, Samsung T3 and T5 portable drives, and Crucial MX100, MX200 and MX300 devices. Absence of a cryptographic link between the password and the Disk Encryption Key allows...

CVE-2018-12038

An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key...

CVE-2018-12038

CVE-2018-12038 is a hardware-encryption vulnerability affecting self-encrypting drives (e.g., Samsung 840 EVO, MX100/MX200/MX300, Samsung T3/T5) where wear-leveling and weak binding between the user password and the disk-encryption key can allow an attacker with physical access to recover data. T...

PT-2018-10958 · Samsung +1 · Samsung T5 +6

Name of the Vulnerable Software and Affected Versions: Samsung 840 EVO versions affected versions not specified Samsung 850 EVO versions affected versions not specified Samsung T3 versions affected versions not specified Samsung T5 versions affected versions not specified Crucial MX100 versions...

New Cold Boot Attack Unlocks Disk Encryption On Nearly All Modern PCs

Security researchers have revealed a new attack to steal passwords, encryption keys and other sensitive information stored on most modern computers, even those with full disk encryption. The attack is a new variation of a traditional Cold Boot Attack, which is around since 2008 and lets attackers...

New Cold Boot Attack Unlocks Disk Encryption On Nearly All Modern PCs

Security researchers have revealed a new attack to steal passwords, encryption keys and other sensitive information stored on most modern computers, even those with full disk encryption. The attack is a new variation of a traditionalCold Boot Attack , which is around since 2008 and lets attackers...

Intel Optane memory module information disclosure vulnerability

Intel Optane memory module with Whole Disk Encryption is a memory module with Whole Disk Encryption from Intel USA. An information disclosure vulnerability exists in storage media with Intel Optane memory module with Whole Disk Encryption. An attacker could exploit this vulnerability to obtain da...

CVE-2018-3619

Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access...

Information disclosure

Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access...