CVE-2021-43552 Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of Hard-coded Cryptographic Key

The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX PIC iX Versions B.02, C.02, and C.03...

DEBIAN-CVE-2021-44541

A vulnerability was found in Privoxy which was fixed in processencryptedrequestheaders by freeing header memory when failing to get the request destination...

CVE-2021-45100

An unexpected, non-encrypted communication flaw in the Linux kernel's ksmbd Samba 3 protocol implementation subsystem was found in the way when user set flag SMB2GLOBALCAPENCRYPTION using the SMB 3.1.1 protocol. If during connection flag SMB2GLOBALCAPENCRYPTION being used by remote user, then for...

Unspecified Vulnerability in Parallels Remote Application Server

Parallels Remote Application Server RAS is an application delivery and VDI Virtual Desktop Infrastructure solution from Parallels, Inc. A security vulnerability exists in Parallels Remote Application Server RAS that originated from a vulnerability that allows a local attacker to retrieve certain...

CVE-2021-42138

A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine...

CVE-2021-42138

A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine...

Code injection

A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine...

CVE-2021-42138

A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine...

CVE-2021-42138

CVE-2021-42138 : The vulnerability affects SafeNet Agent for Windows Logon and allows a user on a protected machine to leverage weak entropy to access the encrypted credentials of any or all other users on that machine. The available documents do not provide exploit code, specific affected versio...

SafeNet Agent for Windows 安全特征问题漏洞

SafeNet Agent for Windows is the SafeNet Authentication Service Agent for Windows Logon WLA 2.3.0. A security vulnerability exists in SafeNet Agent for Windows, which arises from a user of a machine protected by SafeNet Agent for Windows Logon who can leverage weak entropy to access the encrypted...

Parallels Remote Application Server 安全漏洞

Parallels Remote Application Server RAS is an application delivery and VDI Virtual Desktop Infrastructure solution from Parallels, Inc. A security vulnerability exists in Parallels Remote Application Server RAS that originated from a vulnerability that allows a local attacker to retrieve certain...

TLB Poisoning Attacks on AMD Secure Encrypted Virtualization (SEV) - Lenovo Support US

No description provided...

UBUNTU-CVE-2021-4093

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...

CVE-2021-4093

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...

Privoxy 输入验证错误漏洞

Privoxy is a proxy server from the Privoxy team in the USA that does not cache web pages and comes with its own filtering features. It has advanced filtering features to enhance privacy, modify web data and HTTP headers, control access and remove advertisements and other annoying Internet...

Privoxy -- Multiple vulnerabilities (memory leak, XSS)

Privoxy reports: cgierrornotemplate: Encode the template name to prevent XSS cross-site scripting when Privoxy is configured to servce the user-manual itself. Commit 0e668e9409c. OVE-20211102-0001. CVE-2021-44543. Reported by: Artem Ivanov geturlspecparam: Free memory of compiled pattern spec...

Vulnerability fixed in Fortinet products

A vulnerability has been fixed in FortiSandbox, FortiWeb, FortiADC and FortiMail. A malicious party in possession of the password store could potentially gain access to encrypted data. Fortinet has released updates to address the vulnerability. fix. For more information, see:...

Fortinet FortiMail 安全漏洞

Fortinet FortiMail is a set of e-mail security gateway products of the U.S. Fita Fortinet. The product provides email security and data protection features. A security vulnerability exists in Fortinet FortiWeb that stems from a missing encryption step vulnerability in FortiSandbox prior to 4.0.1,...

CVE-2021-22170

Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some of the database's encrypted content...

UBUNTU-CVE-2021-22170

Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some of the database's encrypted content...