Lucene search
+L

44 matches found

cvelist
cvelist
added 2023/02/27 12:0 a.m.22 views

CVE-2023-23493

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...

5.6AI score0.00208EPSS
Exploits0References2
cve
cve
added 2023/02/27 12:0 a.m.82 views

CVE-2023-23493

CVE-2023-23493 is a logic issue in macOS DiskArbitration where an encrypted volume could be unmounted and remounted by a different user without prompting for the password. Apple attributes the fix to macOS Monterey 12.6.3 and macOS Ventura 13.2. Affected component: DiskArbitration (macOS). Impact...

3.3CVSS3.1AI score0.00208EPSS
Exploits0References2Affected Software1
ubuntu
ubuntu
added 2023/02/13 10:41 a.m.67 views

USN-5866-1: Nova vulnerabilities

It was discovered that Nova did not properly manage data logged into the log file. An attacker with read access to the service's logs could exploit this issue and may obtain sensitive information. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. CVE-2015-9543 It was discovered that...

8.3CVSS7AI score0.26792EPSS
Exploits4
cnnvd
cnnvd
added 2023/01/23 12:0 a.m.4 views

Apple macOS Monterey 授权问题漏洞

Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Monterey prior to version 12.6.3 and macOS Ventura prior to version 13.2, which stems from a logical issue where an encrypted volume may be uninstalled and...

3.3CVSS4.8AI score0.00208EPSS
Exploits0References5
nessus
nessus
added 2023/01/23 12:0 a.m.76 views

macOS 12.x < 12.6.3 Multiple Vulnerabilities (HT213604)

The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.6.3. It is, therefore, affected by multiple vulnerabilities: - This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur...

9.8CVSS8AI score0.04325EPSS
Exploits3References22
ptsecurity
ptsecurity
added 2023/01/23 12:0 a.m.4 views

PT-2023-18985 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.2 macOS Monterey versions prior to 12.6.3 Description: A logic issue was addressed with improved state management. This issue allows an encrypted volume to be unmounted and remounted by a different user without...

3.3CVSS3.2AI score0.00208EPSS
Exploits0References7
github
github
added 2022/05/13 1:44 a.m.22 views

OpenStack Nova Denial of service attack on the compute host

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...

7.8CVSS6.8AI score0.03755EPSS
Exploits1References13Affected Software1
osv
osv
added 2022/05/13 1:44 a.m.18 views

GHSA-FFMH-R67W-M88F OpenStack Nova Denial of service attack on the compute host

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...

7.5CVSS7.4AI score0.03755EPSS
Exploits1References13
nvd
nvd
added 2019/12/18 6:15 p.m.13 views

CVE-2019-8522

A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...

5.5CVSS5.5AI score0.00253EPSS
Exploits0References1
osv
osv
added 2019/12/18 6:15 p.m.5 views

CVE-2019-8522

A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...

5.5CVSS6.7AI score0.00253EPSS
Exploits0References1
prion
prion
added 2019/12/18 6:15 p.m.14 views

Design/Logic Flaw

A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...

2.1CVSS4.7AI score0.00253EPSS
Exploits0References1Affected Software1
cve
cve
added 2019/12/18 5:33 p.m.78 views

CVE-2019-8522

CVE-2019-8522 affects macOS DiskArbitration. The issue is a logic flaw in state management that could allow an encrypted volume to be unmounted and remounted by a different user without prompting for a password. Apple lists this vulnerability under macOS Mojave 10.14.3/10.14.4 context and explici...

5.5CVSS5.9AI score0.00253EPSS
Exploits0References1Affected Software1
cnvd
cnvd
added 2019/03/28 12:0 a.m.10 views

Apple macOS Mojave DiskArbitration Logic Flaw Vulnerability

Apple macOS Mojave is a dedicated operating system developed by Apple for Mac computers.DiskArbitration is one of the components used to handle disk mounts. A security vulnerability exists in the DiskArbitration component in Apple macOS Mojave versions prior to 10.14.4. An attacker could use this...

5.5CVSS6.6AI score0.00253EPSS
Exploits0References1
prion
prion
added 2018/02/19 5:29 p.m.23 views

Design/Logic Flaw

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...

7.8CVSS7.5AI score0.03755EPSS
Exploits1References8Affected Software2
ubuntucve
ubuntucve
added 2018/02/19 5:29 p.m.26 views

CVE-2017-18191

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...

7.8CVSS6.9AI score0.03755EPSS
Exploits1References3
cvelist
cvelist
added 2018/02/19 5:0 p.m.45 views

CVE-2017-18191

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...

7.4AI score0.03755EPSS
Exploits1References8
cnvd
cnvd
added 2017/10/09 12:0 a.m.5 views

Apple macOS High Sierra StorageKit Information Disclosure Vulnerability

Apple macOS High Sierra is a set of specialized operating systems developed for Mac computers by Apple, Inc.The StorageKit component is one of the storage components. An information disclosure vulnerability exists in the StorageKit component of Apple macOS High Sierra versions prior to 10.13, whi...

7.8CVSS7.2AI score0.00498EPSS
Exploits1References1
nvd
nvd
added 2017/10/03 1:29 a.m.26 views

CVE-2015-7358

The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which allows local users to mount an encrypted volume over an existing drive letter and gain privileges...

7.8CVSS7.7AI score0.01195EPSS
Exploits1References6
prion
prion
added 2017/10/03 1:29 a.m.25 views

Directory traversal

The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which allows local users to mount an encrypted volume over an existing drive letter and gain privileges...

7.2CVSS7.1AI score0.01195EPSS
Exploits1References6Affected Software3
cvelist
cvelist
added 2017/10/02 7:0 p.m.23 views

CVE-2015-7358

The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which allows local users to mount an encrypted volume over an existing drive letter and gain privileges...

7.7AI score0.01195EPSS
Exploits1References6
Rows per page
Query Builder