Siemens RUGGEDCOM ROS has an unspecified vulnerability (CNVD-2022-17784)

Siemens RuggedCom ROS is an operating system used in the RuggedCom family of switches from Siemens, Germany. Siemens RUGGEDCOM ROS has a security vulnerability that could be exploited by attackers to act as a man-in-the-middle and eavesdrop on encrypted communications...

CVE-2021-3981

A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted passwords present in...

CVE-2021-3981

CVE-2021-3981 — GRUB2 grub.cfg permission issue . Affected: grub2 (2.06 and earlier). Root cause: configuration file grub.cfg created with insecure permissions, enabling non-privileged users to read contents (confidentiality impact). Impact: low severity per description; reads of encrypted passwo...

Siemens RUGGEDCOM 安全特征问题漏洞

Siemens RuggedCom ROS is an operating system used in the RuggedCom family of switches from Siemens, Germany. Siemens RUGGEDCOM ROS has a security vulnerability that could be exploited by attackers to act as a man-in-the-middle and eavesdrop on encrypted communications...

CVE-2022-21170

Improper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9.50R10 and earlier, i-FILTER Browser & Cloud MultiAgent for Windows Ver.4.93R04 and earlier, and D-SPA Ver.3 / Ver.4 using i-FILTER allows a remote unauthenticated attacker to conduct a man-in-the-middle...

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and from time to time manufactured on the surface of semiconductor wafers. A security vulnerability exists in a number of Qualcomm products th...

Digital Arts i-FILTER 信任管理问题漏洞

Digital Arts i-FILTER is a web filtering software from Digital Arts Japan. It is used to counter targeted attacks. A security vulnerability exists in Digital Arts i-FILTER that originates from improper certificate revocation checks. A remote attacker could exploit the vulnerability to conduct a...

The vulnerability of the server application for managing food manufacturing enterprises AK-EM 800, related to the use of rigidly encrypted accounting data, allows a perpetrator to increase their privileges.

The vulnerability of the server application for managing food manufacturing enterprises AK-EM 800 is related to the use of rigidly encrypted accounting data. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2021-43774

A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker that obtained access to the administrative web interface of a printer e.g., by using the default credentials can download the address book file, which contains the list of users domain users, FTP users...

Default credentials

A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker that obtained access to the administrative web interface of a printer e.g., by using the default credentials can download the address book file, which contains the list of users domain users, FTP users...

CVE-2021-43774

A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker that obtained access to the administrative web interface of a printer e.g., by using the default credentials can download the address book file, which contains the list of users domain users, FTP users...

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario.

...

Hive ransomware: Researchers figure out a method to decrypt files

Files encrypted by ransomware cant be recovered without obtaining the decryption key, if the encryption has been done properly. But that doesnt seem to be the case for Hive ransomware. Researchers from the Kookmin University in Korea have published a method for decrypting the data scrambled by...

ASUS CMAX6000 Information Disclosure Vulnerability

The ASUS Cmax6000 is a 4x4 dual-band Wifi cable modem router from Asus China. A security vulnerability exists in ASUS CMAX6000 v1.02.00, which can be exploited by an attacker to recover encrypted data via a hard-coded key...

OESA-2022-1528 ceph security update

User space components of the Ceph file system. Security Fixes: The key length for encrypted devices created using ceph-volume is incorrect. This is due to a bug in cephvolume/util/encryption.py, where upon writing a key using osddmcryptkeysize it does not pass the key size to the format and open...

CVE-2021-4093

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...

CVE-2021-4093

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...

DEBIAN-CVE-2021-4093

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...

CVE-2021-4093

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...

CVE-2021-4093

CVE-2021-4093 : A flaw in the KVM AMD SEV-ES code allows a malicious VM using SEV-ES to trigger out-of-bounds reads/writes in the host kernel via a VMGEXIT with a string I/O instruction (e.g., outs/ins) using exit reason SVM_EXIT_IOIO. This can crash the host or enable a guest-to-host escape. Aff...