38 matches found
PT-2021-24353 · Amazon Web Services · Aws Encryption Sdk For Java
Name of the Vulnerable Software and Affected Versions: AWS Encryption SDK for Java versions 2.0.0 through 2.2.0 AWS Encryption SDK for Java versions less than 1.9.0 Description: The issue concerns the incorrect validation of some invalid ECDSA signatures. This affects the integrity of the...
PYSA, the ransomware attacking schools
The education sector’s cybersecurity problem has compounded in the last few months. A recent warning from the FBI, in mid-March, put schools in the US and UK on notice of increased attacks from the threat actors behind the PYSA ransomware. If this is the first time you’ve heard of this family, re...
CVE-2020-26551
An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored in a readable file...
Denial Of Service (DoS)
kernel-rt is vulnerable to denial of service DoS attacks. The vulnerability exists as the KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service BUG via crafted keyctl commands that negatively instantiate a key, related to...
SUSE-SU-2018:1855-2 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-5848: In the function wmisetie, the length validation code did not handle unsigned integer overflow properly. As a result, a large value of the 'ielen...
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1761-1)
The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-3665: Prevent disclosure of FPU registers including XMM and AVX registers between processes. These registers might contain encryption keys when...
Google Android encrypted-keys information disclosure vulnerability
Android on Google Pixel and Nexus is a Linux-based open source operating system for the Google Pixel and Nexus smartphones developed by Google and the Open Handset Alliance OHA. encrypted-keys is one of the encrypted-keys is one of the encryption programs. An information disclosure vulnerability...
CVE-2017-13305
A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974...
CVE-2017-13305
A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974...
DEBIAN-CVE-2017-13305
A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974...
Information disclosure
A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974...
CVE-2017-13305
A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974...
CVE-2017-13305
A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974...
CVE-2017-13305
A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974...
UBUNTU-CVE-2017-13305
A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974...
Design/Logic Flaw
The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. User passwords and passphrases for encrypted SSH keys are stored in plaintext in a configuration file...
PHPCMS v9.5.10 suffers from a design vulnerability
PHPCMS is a website management software. The software adopts modular development and supports a variety of classification methods, using it can easily realize the design, development and maintenance of personalized websites. A design vulnerability exists in PHPCMS v9.5.10, which allows an attacke...
OracleVM 3.3 : nss (OVMSA-2014-0014)
The remote OracleVM system is missing necessary patches to address critical security updates : - Added nss-vendor.patch to change vendor - Update some patches on account of the rebase - Resolves: Bug 1099619 - Backport nss-3.12.6 upstream fix required by Firefox 31 - Resolves: Bug 1099619 - Remov...