5459 matches found
CVE-2023-4155
A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...
CVE-2023-0525
Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.49.000 and prior, GT25 model versions 01.49.000 and prior, GT23 model versions 01.49.000 and prior, GT21 model versions 01.49.000 and prior, GOT SIMPLE Series GS25 model versions...
Design/Logic Flaw
Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.49.000 and prior, GT25 model versions 01.49.000 and prior, GT23 model versions 01.49.000 and prior, GT21 model versions 01.49.000 and prior, GOT SIMPLE Series GS25 model versions...
CVE-2023-0525
Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.49.000 and prior, GT25 model versions 01.49.000 and prior, GT23 model versions 01.49.000 and prior, GT21 model versions 01.49.000 and prior, GOT SIMPLE Series GS25 model versions...
CVE-2023-0525
Summary (CVE-2023-0525) : The vulnerability affects Mitsubishi Electric GOT2000/GOT SIMPLE GT2000-era products and related tools, where the Data Transfer Security function can leak plaintext passwords. Affected: GT2000 series GT21/GT23/GT25/GT27 (versions 01.49.000 and earlier); GOT SIMPLE GS21/G...
GHSA-GPCV-P28P-FV2P odoh-rs's Invalid Slice Split Results in Server Panic
A vulnerability was discovered in the odoh-rs rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients. Impact An attacker with knowledge of this vulnerability could craft and...
odoh-rs's Invalid Slice Split Results in Server Panic
A vulnerability was discovered in the odoh-rs rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients. Impact An attacker with knowledge of this vulnerability could craft and...
CVE-2023-3766
A vulnerability was discovered in the odoh-rs rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients and enables an attacker with knowledge of this vulnerability to craft and...
CVE-2023-3766
A vulnerability was discovered in the odoh-rs rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients and enables an attacker with knowledge of this vulnerability to craft and...
Code injection
A vulnerability was discovered in the odoh-rs rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients and enables an attacker with knowledge of this vulnerability to craft and...
CVE-2023-3766 Invalid Slice Split Results in Server Panic
A vulnerability was discovered in the odoh-rs rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients and enables an attacker with knowledge of this vulnerability to craft and...
CVE-2023-3766
The CVE-2023-3766 issue affects the odoh-rs Rust crate, caused by faulty logic in parsing encrypted queries. When processing data from remote clients, an attacker can craft specially designed encrypted queries that trigger a server panic/crash, temporarily disrupting ODOH service availability. Pa...
RUSTSEC-2023-0095 Invalid Slice Split Results in Server Panic
A vulnerability was discovered in the odoh-rs rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients. Impact An attacker with knowledge of this vulnerability could craft and...
Invalid Slice Split Results in Server Panic
A vulnerability was discovered in the odoh-rs rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients. Impact An attacker with knowledge of this vulnerability could craft and...
odoh-rs security vulnerability
odoh-rs is a Cloudflare open source library that implements the RFC 9230 Oblivious DNS over HTTPS protocol in Rust. A security vulnerability exists in versions prior to odoh-rs rust crate 1.0.2, which stems from faulty logic during the parsing of encrypted queries, and which can be exploited by a...
The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System (GMS), a global network gatekeeper system, allows attackers to compromise data integrity.
The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System’s global network gateways is related to the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow an attacker operating remotely to compromise the integrit...
Debian dla-3511 : amd64-microcode - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3511 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3511-1 [email protected]...
Fedora: Security Advisory for openssh (FEDORA-2023-878e04f4ae)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2023-12752 · Tetra · Tetra
Name of the Vulnerable Software and Affected Versions: TETRA affected versions not specified Description: The issue is related to a lack of cryptographic integrity check on TETRA air-interface encrypted traffic. This allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...
PT-2023-35500 · Git-Annex · Git-Annex
Name of the Vulnerable Software and Affected Versions: git-annex versions prior to 6.20160419 Description: A bug in git-annex exposed the checksum of annexed files to encrypted special remotes, which should not have access to this information. This issue occurred when resuming uploads to the...