44 matches found
CVE-2023-23493
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...
CVE-2023-23493
CVE-2023-23493 is a logic issue in macOS DiskArbitration where an encrypted volume could be unmounted and remounted by a different user without prompting for the password. Apple attributes the fix to macOS Monterey 12.6.3 and macOS Ventura 13.2. Affected component: DiskArbitration (macOS). Impact...
USN-5866-1: Nova vulnerabilities
It was discovered that Nova did not properly manage data logged into the log file. An attacker with read access to the service's logs could exploit this issue and may obtain sensitive information. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. CVE-2015-9543 It was discovered that...
Apple macOS Monterey 授权问题漏洞
Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Monterey prior to version 12.6.3 and macOS Ventura prior to version 13.2, which stems from a logical issue where an encrypted volume may be uninstalled and...
macOS 12.x < 12.6.3 Multiple Vulnerabilities (HT213604)
The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.6.3. It is, therefore, affected by multiple vulnerabilities: - This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur...
PT-2023-18985 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.2 macOS Monterey versions prior to 12.6.3 Description: A logic issue was addressed with improved state management. This issue allows an encrypted volume to be unmounted and remounted by a different user without...
OpenStack Nova Denial of service attack on the compute host
An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...
GHSA-FFMH-R67W-M88F OpenStack Nova Denial of service attack on the compute host
An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...
CVE-2019-8522
A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...
CVE-2019-8522
A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...
Design/Logic Flaw
A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...
CVE-2019-8522
CVE-2019-8522 affects macOS DiskArbitration. The issue is a logic flaw in state management that could allow an encrypted volume to be unmounted and remounted by a different user without prompting for a password. Apple lists this vulnerability under macOS Mojave 10.14.3/10.14.4 context and explici...
Apple macOS Mojave DiskArbitration Logic Flaw Vulnerability
Apple macOS Mojave is a dedicated operating system developed by Apple for Mac computers.DiskArbitration is one of the components used to handle disk mounts. A security vulnerability exists in the DiskArbitration component in Apple macOS Mojave versions prior to 10.14.4. An attacker could use this...
Design/Logic Flaw
An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...
CVE-2017-18191
An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...
CVE-2017-18191
An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...
Apple macOS High Sierra StorageKit Information Disclosure Vulnerability
Apple macOS High Sierra is a set of specialized operating systems developed for Mac computers by Apple, Inc.The StorageKit component is one of the storage components. An information disclosure vulnerability exists in the StorageKit component of Apple macOS High Sierra versions prior to 10.13, whi...
CVE-2015-7358
The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which allows local users to mount an encrypted volume over an existing drive letter and gain privileges...
Directory traversal
The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which allows local users to mount an encrypted volume over an existing drive letter and gain privileges...
CVE-2015-7358
The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which allows local users to mount an encrypted volume over an existing drive letter and gain privileges...