CVE-2018-4849

A vulnerability has been identified in Siveillance VMS Video for Android All versions V12.1a 2018 R1, Siveillance VMS Video for iOS All versions V12.1a 2018 R1. Improper certificate validation could allow an attacker in a privileged network position to read data from and write data to the encrypt...

LC4: Another Pen-and-Paper Cipher

Interesting symmetric cipher: LC4: Abstract: ElsieFour LC4 is a low-tech cipher that can be computed by hand; but unlike many historical ciphers, LC4 is designed to be hard to break. LC4 is intended for encrypted communication between humans only, and therefore it encrypts and decrypts plaintexts...

Gaining Control over Your Digital Certificates

Digital certificate management is in an inadequate state at most organizations, a serious problem, considering that SSL/TLS certificates are critical for a host of e-business functions. “If you’re doing something on the Internet, you’re using SSL,” Asif Karel, a Qualys Director of Product...

TP-Link Technologies TL-WA850RE Wi-Fi Range Extender Unauthorized Remote Reboot

Exploit Title: TP-Link Technologies TL-WA850RE Wi-Fi Range Extender | Unauthorized Remote Reboot Date: 25/04/2018 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Firmware Link: https://www.tp-link.com/en/download/TL-WA850RE.html Category: dos 1. www.shodan.io with title...

RHEL 7 : python-paramiko (RHSA-2018:1213)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:1213 advisory. The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines...

TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Remote Reboot

TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Remote Reboot Exploit Title: TP-Link Technologies TL-WA850RE Wi-Fi Range Extender | Unauthorized Remote Reboot Date: 25/04/2018 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Firmware Link:...

TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Remote Reboot

Exploit Title: TP-Link Technologies TL-WA850RE Wi-Fi Range Extender | Unauthorized Remote Reboot Date: 25/04/2018 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Firmware Link: https://www.tp-link.com/en/download/TL-WA850RE.html Category: dos 1. www.shodan.io with title...

Low: Red Hat Security Advisory: python-paramiko security update

An update for python-paramiko is now available for Red Hat Ansible Engine 2.4 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Apple macOS High Sierra Mail Man-in-the-Middle Attack Vulnerability

Apple macOS High Sierra is a specialized operating system developed by Apple Inc. for Mac computers.Mail is one of the email components. A security vulnerability exists in the handling of S/MIME HTML email messages in the Mail component in Apple macOS High Sierra versions prior to 10.13.4. An...

Exploit for CVE-2012-4929

CRIME-poc CRIME attack : a compression oracle attacks CVE-20...

Design/Logic Flaw

IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 store encrypted user credentials and the keystore password in cleartext in configuration files, which allows local users to...

CVE-2014-6111

IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 store encrypted user credentials and the keystore password in cleartext in configuration files, which allows local users to...

RHEL 6 : python-paramiko (RHSA-2018:1124)

An update for python-paramiko is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Critical: Red Hat Security Advisory: python-paramiko security update

An update for python-paramiko is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Critical: Red Hat Security Advisory: python-paramiko security update

An update for python-paramiko is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise...

Google Android encrypted-keys information disclosure vulnerability

Android on Google Pixel and Nexus is a Linux-based open source operating system for the Google Pixel and Nexus smartphones developed by Google and the Open Handset Alliance OHA. encrypted-keys is one of the encrypted-keys is one of the encryption programs. An information disclosure vulnerability...

Thycotic Secret Server Credentials Disclosure Vulnerability

The Remote Desktop Launcher in Thycotic Secret Server does not properly cleanup a temporary file that contains an encrypted password once a session has ended. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

McAfee Network Security Management Information Disclosure Vulnerability

McAfee Network Security Management NSM is a suite of network security solutions from McAfee that enables real-time monitoring of deployed McAfee intrusion prevention systems across the network. A security vulnerability exists in McAfee NSM that stems from the program's support for using RC4...

CVE-2018-7506

The private key of the web server in Moxa MXview versions 2.8 and prior is able to be read and accessed via an HTTP GET request, which may allow a remote attacker to decrypt encrypted information...

CVE-2018-7506

The private key of the web server in Moxa MXview versions 2.8 and prior is able to be read and accessed via an HTTP GET request, which may allow a remote attacker to decrypt encrypted information...