CVE-2019-11755

A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted...

Cisco IOS and IOS XE HTTP Client Resource Management Error Vulnerability

Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network devices. A resource management error vulnerability exists in the HTTP client functionality in Cisco IOS and IOS XE, which arises from a program that does not take into account TCP port information when matching...

CVE-2019-12665

A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port information not being considered when matching new...

Design/Logic Flaw

A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port information not being considered when matching new...

CVE-2019-12665 Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability

A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port information not being considered when matching new...

CVE-2019-12665 Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability

A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port information not being considered when matching new...

PT-2019-11810 · Jenkins · Jenkins Violation Comments To Gitlab Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Violation Comments to GitLab Plugin version 2.28 and earlier Description: The issue concerns the storage of credentials in an unencrypted manner. Specifically, the Violation Comments to GitLab Plugin stored API tokens unencrypted in j...

PT-2019-11809 · Jenkins · Jenkins Violation Comments To Gitlab Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Violation Comments to GitLab Plugin version 2.28 and earlier Description: The issue concerns the storage of credentials in an unencrypted manner. Specifically, the plugin stored API tokens unencrypted in job config.xml files and its...

The vulnerability of the microprogramming software for Moxa EDS-G516E and Moxa EDS-510E switches lies in the use of a rigidly encrypted cryptographic key in the configuration file. This allows an intruder to gain unauthorized access to the protected information.

The vulnerability of the microprogramming software for Moxa EDS-G516E and Moxa EDS-510E switches lies in the use of a rigidly encrypted cryptographic key in the configuration file. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...

CVE-2019-10990

Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protected files in transit and at rest, which may allow an attacker to access configuration files...

Hello! My name is Dtrack

Our investigation into the Dtrack RAT actually began with a different activity. In the late summer of 2018, we discovered ATMDtrack, a piece of banking malware targeting Indian banks. Further analysis showed that the malware was designed to be planted on the victim's ATMs, where it could read and...

CVE-2019-11739

Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird 68.1 and Thunderbird 60.9...

Astaroth Spy Trojan Uses Facebook, YouTube Profiles to Cover Tracks

Facebook and YouTube profiles are at the heart of an ongoing phishing campaign spreading the Astaroth trojan, bent on the eventual exfiltration of sensitive information. The attack is sophisticated in that it uses normally trusted sources as cover for malicious activities – thus evading usually...

The vulnerability of the FortiOS operating system, related to security configuration errors, allows attackers to circumvent existing security restrictions.

The vulnerability of the FortiOS operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by using specially crafted SSL/TLS or HTTP traffic...

Google to Experiment 'DNS over HTTPS' (DoH) Feature in Chrome 78

Immediately after Mozilla announced its plan to soon enable 'DNS over HTTPS ' DoH by default for Firefox users in the United States, Google today says it is planning an experiment with the privacy-focused technology in its upcoming Chrome 78. Under development since 2017, 'DNS over HTTPS' perform...

Security Bulletin: Security Vulnerabilties exist in IBM Cognos Controller

Summary Security Vulnerabilities exist in IBM Cognos Controller. When performing security testing, you might encounter a "Missing Secure Attribute in Encrypted Session SSL Cookie" error message. IBM Cognos Controller versions 10.4.1, 10.4.0, 10.3.1 and 10.3.0, by default, do not have this setting...

The vulnerabilities of the microprogramming software of Cisco Small Business RV160, Cisco Small Business RV260, and Cisco Small Business RV340 allow attackers to enhance their privileges.

The vulnerability of the microprogramming software of Cisco Small Business RV160, Cisco Small Business RV260, and Cisco Small Business RV340 is related to the use of strictly encrypted passwords for user roles such as root, debug-admin, cisco, admin, and guest. Exploiting this vulnerability allow...

McAfee DLPe Agent 11.x < 11.1.210.32 / 11.2.x / 11.3.x < 11.3.2.8 Multiple Vulnerabilities (SB10295)

The version of the McAfee Data Loss Prevention Endpoint DLPe Agent installed on the remote Windows host is 11.x prior to 11.1.210.32, 11.2.x, or 11.3.x prior to 11.3.2.8. It is, therefore, affected by multiple vulnerabilities: - Buffer overflow in McAfee Data Loss Prevention DLPe for Windows 11.x...

Covenant - A .NET Command And Control Framework For Red Teamers

Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. Covenant is an ASP.NET Core, cross-platform application that includes a...

CVE-2019-3634

Buffer overflow in McAfee Data Loss Prevention DLPe for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory...