The vulnerability of the access control tool, Policy Manager, in the software for remote IT support and monitoring provided by Dell Secure Connect Gateway (SCG), allows a perpetrator to increase their privileges.

The vulnerability of the access control mechanism in the Policy Manager software for remote IT support and monitoring in Dell Secure Connect Gateway SCG is related to the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow an attacker to increase their...

The vulnerability of the AMD Secure Encrypted Virtualization (SEV) technology in microprogramming software for AMD processors allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of AMD Secure Encrypted Virtualization SEV microprogramming software for processors is related to insufficient validation of input data. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the AMD Secure Encrypted Virtualization (SEV) technology in microprogramming software for AMD processors allows attackers to disclose protected information.

The vulnerability of AMD Secure Encrypted Virtualization SEV microprogramming software for processors is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to disclose protected information...

The vulnerabilities of AMD Secure Processor (ASP), System Management Unit (SMU), and Secure Encrypted Virtualization (SEV) related to initialization errors allow attackers to disclose protected information.

The vulnerabilities of AMD Secure Processor ASP, System Management Unit SMU, and Secure Encrypted Virtualization SEV related to initialization errors allow attackers to expose protected information...

Bitdefender Releases Free MortalKombat Ransomware Decryptor

By Waqas The free Mortal Kombat ransomware decryptor is now available for victims to recover their encrypted files without having to pay the ransom. This is a post from HackRead.com Read the original post: Bitdefender Releases Free MortalKombat Ransomware Decryptor...

LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults

LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened as a result of the same adversary launching a second attack on its systems. The company said one of its DevOps engineers had their personal home compute...

LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults

LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened as a result of the same adversary launching a second attack on its systems. The company said one of its DevOps engineers had their personal home compute...

CVE-2023-23493

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...

CVE-2023-23493

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...

Design/Logic Flaw

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...

Information Disclosure

accountsservice is vulnerable to Information Disclosure. The vulnerability exists in the userchangepasswordauthorizedcb function of user.c, which could let local users obtain encrypted passwords...

CVE-2023-23493

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...

CVE-2023-23493

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...

CVE-2023-23493

CVE-2023-23493 is a logic issue in macOS DiskArbitration where an encrypted volume could be unmounted and remounted by a different user without prompting for the password. Apple attributes the fix to macOS Monterey 12.6.3 and macOS Ventura 13.2. Affected component: DiskArbitration (macOS). Impact...

The vulnerability of the software for programming Mitsubishi Electric GX Works3 lies in the ability to use strictly encrypted user data, which allows a intruder to obtain information about the project files for security modules on the CPU.

The vulnerability of the software for programming Mitsubishi Electric GX Works3 relates to the possibility of using strictly encrypted user data. Exploiting this vulnerability can allow a malicious actor to obtain information about project files for security modules via the MELSEC protocol...

K10281096: TLS in Mozilla NSS vulnerability CVE-2018-12404

Security Advisory Description A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack and affects all NSS versions prior to NSS 3.41. CVE-2018-1240...

K23284054: The BIG-IP SMTPS virtual server may fail to properly restrict I/O buffering, allowing attackers to insert commands into encrypted SMTP sessions

Security Advisory Description This issue occurs the following condition is met: A virtual server is configured with a Client SSL profile and an SMTPS profile that has the STARTTLS Activation Mode setting enabled Allow or Require for processing SMTPS traffic. Impact When system receives these SMTP...

K30315990: OpenVPN vulnerability CVE-2016-6329

Security Advisory Description OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attac...

K92616530: Samba vulnerability CVE-2015-5296

Security Advisory Description Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream...

K72752002: BIG-IP SSL/TLS CRL vulnerability CVE-2020-5913

Security Advisory Description The BIG-IP Client or Server SSL profile ignores revoked certificates, even when a valid CRL is present. This impacts SSL/TLS connections and may result in a man-in-the-middle attack on the connections. CVE-2020-5913 Impact The BIG-IP system does not enforce Transport...