5468 matches found
CVE-2019-8522
A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...
CVE-2019-8522
A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...
Design/Logic Flaw
A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...
Code injection
An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt. This issue is fixed in macOS Catalina 10.15. An attacker may be able to exfiltrate the contents of an encrypted PDF...
CVE-2019-8772
An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt. This issue is fixed in macOS Catalina 10.15. An attacker may be able to exfiltrate the contents of an encrypted PDF...
CVE-2019-8522
CVE-2019-8522 affects macOS DiskArbitration. The issue is a logic flaw in state management that could allow an encrypted volume to be unmounted and remounted by a different user without prompting for a password. Apple lists this vulnerability under macOS Mojave 10.14.3/10.14.4 context and explici...
Inspecting TLS Web Traffic - Part 1
In this series of blogs I'm going to talk about how the continued move towards all web traffic being encrypted has impacted enterprise security. In this blog I'm going to focus on the basics - what is encrypted web traffic and how can you proactively control this. TLS encryption is the de-facto...
SYS.1.2.2.A14
Ziel des Bausteins SYS.1.2.2 ist die Absicherung von Microsoft Windows Server 2012 und Microsoft Windows Server 2012 R2. Die Kern-Anforderung Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
Threat Analysis Unit (TAU) Threat Intelligence Notification: Cyborg Ransomware
Cyborg Ransomware was found being distributed via spear-phishing email campaign which contains a fake “Windows Update” email which appears as a ‘.jpg’ file in the email attachment, but is instead a ‘.exe’ binary file. It tries to tempt users to click on the malicious attachment file in order to...
Siemens SCALANCE W700/W1700 CVE-2018-14526 Information Disclosure Vulnerability
Description Siemens SCALANCE W700 and W1700 is prone to an information disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. Successful exploits may lead to other attacks. The following versions of SCALANCE W700 and W1700 are affected: Siemens SCALANCE W700...
SpotAuditor 5.3.2 Local Buffer Overflow
Exploit Title: SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow SEH Exploit Author: Kirill Nikolaev Date: 2019-12-06 Vulnerable Software: SpotAuditor Vendor Homepage: http://www.nsauditor.com/ Version: 5.3.2 Software Link: http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested...
New Linux Bug Lets Attackers Hijack Encrypted VPN Connections
A team of cybersecurity researchers has disclosed a new severe vulnerability affecting most Linux and Unix-like operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android, that could allow remote 'network adjacent attackers' to spy on and tamper with encrypted VPN connections. The...
CVE-2019-5263
HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305MAC and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting th...
CVE-2019-5263
HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305MAC and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting th...
Information disclosure
HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305MAC and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting th...
CVE-2019-5263
HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305MAC and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting th...
CVE-2012-6655
An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which could let a local users obtain encrypted passwords...
AZL-44049 CVE-2012-6655 affecting package accountsservice for versions less than 23.13.9-1
An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which could let a local users obtain encrypted passwords...
DEBIAN-CVE-2012-6655
An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which could let a local users obtain encrypted passwords...
CVE-2012-6655
An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which could let a local users obtain encrypted passwords...