5461 matches found
[SECURITY] Fedora 34 Update: golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc34
Store and retrieve encrypted configs from etcd or consul...
[SECURITY] Fedora 35 Update: golang-github-xordataexchange-crypt-0.0.2-11.20190412gitb2862e3.fc35
Store and retrieve encrypted configs from etcd or consul...
Low: grub2
Issue Overview: A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted...
PT-2022-6408 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was found in the Linux kernel, specifically in the KVM SEV API, which allows a non-root user-level application to crash the host kernel by creating a confidential guest VM...
Windows/x86 - XOR/DEC/NOT/ROR encrypted / encoded + null free reverse tcp Shellcode (840 bytes)
Windows/x86 - XOR/DEC/NOT/ROR XDNR encrypted / encoded + null free reverse tcp 192.168.201.11:4444 Shellcode 840 bytes / \ / /\ \ \ \ \ \ / | | \ / | | / / \ | / | \ | \ //\ / /| /| / / / / / X0R Cryptor with DEC/N0T/R0R encoder plus random byte insertion Author: @xen0vas / include...
CVE-2022-1257
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files...
CVE-2022-1257
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files...
McAfee Agent 安全漏洞
The Mcafee McAfee Agent MA is a set of client-side components from Mcafee, Inc. that provides secure communication between ePolicy Orchestrator antivirus management platform and managed products. A security vulnerability previously existed in McAfee Agent for Linux, macOS, and Windows 5.7.6 that...
Fortinet FortiEDR 信任管理问题漏洞
Fortinet FortiEDR is a scratch-built endpoint security solution from Fortinet U.S.A. Fortinet FortiEDR is vulnerable to a trust management issue that stems from the use of hard-coded encrypted RSA keys, which can be exploited by local attackers to disable and offload collectors from endpoints in...
PT-2022-9996 · Qualcomm · Qualcomm Snapdragon
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to improper validation of buffer size input to the EFS file, which can lead to memory corruption in various Qualcomm Snapdragon products, including Snapdrag...
Mitsubishi Electric MELSEC iQ-F series 加密问题漏洞
Mitsubishi Electric Automation China Co., Ltd. is a wholly-owned enterprise in China invested by Mitsubishi Electric Corporation. It mainly produces mechanical appliances for power distribution including low-voltage circuit breakers, electromagnetic openers and closers, electrical processing...
CVE-2022-24693
Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentials that are easily discovered, and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...
Hardcoded credentials
Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentials that are easily discovered, and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...
CVE-2022-24778
A flaw was found in the imgcrypt library when checking the keys of an authorized user to access an encrypted image on systems where layers are not available and cannot run on the host architecture. This flaw allows an attacker to run an image without providing the previously decrypted keys...
[SECURITY] Fedora 34 Update: python-paramiko-2.10.3-1.fc34
Paramiko a combination of the Esperanto words for "paranoid" and "friend" is a module for python 2.3 or greater that implements the SSH2 protocol for secu re encrypted and authenticated connections to remote machines. Unlike SSL aka TLS, the SSH2 protocol does not require hierarchical certificate...
[SECURITY] Fedora 36 Update: python-paramiko-2.10.3-1.fc36
Paramiko a combination of the Esperanto words for "paranoid" and "friend" is a module for python 2.3 or greater that implements the SSH2 protocol for secu re encrypted and authenticated connections to remote machines. Unlike SSL aka TLS, the SSH2 protocol does not require hierarchical certificate...
CVE-2022-24778
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...
CVE-2022-24778
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...
Design/Logic Flaw
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...
CVE-2022-24778 Incorrect Authorization in imgcrypt
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...