5468 matches found
Broadcom Brocade SANnav CVE-2019-16206 Information Disclosure Vulnerability
Description Broadcom Brocade SANnav is prone to an information disclosure vulnerability Successfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks or cause a denial-of-service condition. Versions prior to Brocade SANnav 2.0 are...
Broadcom Brocade SANnav CVE-2019-16210 Information Disclosure Vulnerability
Description Broadcom Brocade SANnav is prone to an information disclosure vulnerability Successfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks or cause a denial-of-service condition. Versions prior to Brocade SANnav 2.0 are...
Broadcom Brocade SANnav CVE-2019-16209 SSL Certificate Validation Security Bypass Vulnerability
Description Broadcom Brocade SANnav is prone to a security-bypass vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks and perform certain unauthorized actions, which will aid in further attacks. Versions prior to Brocade SANnav 2.0 are vulnerable. Technologies...
Verizon, AT&T, Sprint and T-Mobile to replace SMS with RCS Messaging in 2020
Mobile carriers in the United States will finally offer a universal cross-carrier communication standard for the next-generation RCS messaging service that is meant to replace SMS and has the potential to change the way consumers interact with brands for years to come. All major United States...
Cloud Foundry SMB Volume CVE-2019-11283 Information Disclosure Vulnerability
Description Cloud Foundry SMB Volume is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Technologies Affected Cloud Foundry SMB Volume 1.0.0 Cloud Foundry SMB Volume 1.1.0 Cloud Foundry...
Apple macOS Catalina Information Disclosure Vulnerability
Apple macOS Catalina is the United States Apple Apple company's set of Mac computers developed specifically for the operating system. PDFKit is one of the PDF document generation components. A security vulnerability exists in the handling of links in encrypted PDFs in the PDFKit component of Appl...
Fortinet FortiOS CVE-2019-15703 Insufficient Entropy Vulnerability
Description Fortinet FortiOS is prone to an insufficent entropy vulnerability. Remote attackers can exploit this issue to perform side-channel attacks and obtain sensitive information. This aids in other attacks. Technologies Affected Fortinet FortiOS 2.36.0 Fortinet FortiOS 2.50.0 Fortinet Forti...
CVE-2019-3767
Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability. Dell ImageAssist stores some sensitive encrypted information in the images it creates. A privileged user of a system running an operating system that was deployed with Dell ImageAssist could potentially...
CVE-2019-3767
Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability. Dell ImageAssist stores some sensitive encrypted information in the images it creates. A privileged user of a system running an operating system that was deployed with Dell ImageAssist could potentially...
Information disclosure
Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability. Dell ImageAssist stores some sensitive encrypted information in the images it creates. A privileged user of a system running an operating system that was deployed with Dell ImageAssist could potentially...
CVE-2018-5184
Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...
[SECURITY] Fedora 29 Update: krb5-1.16.1-26.fc29
Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form...
Cisco IOS HTTP Client Information Disclosure Vulnerability (cisco-sa-20190925-http-client)
According to its self-reported version, IOS is affected by a vulnerability in the HTTP client feature that allows an unauthenticated, remote attacker to read and modify data that should normally be sent via an encrypted channel. This vulnerability is due to TCP port information not being consider...
Cisco IOS XE Software HTTP Client Information Disclosure Vulnerability (cisco-sa-20190925-http-client)
According to its self-reported version, IOS XE Software is affected by a vulnerability in the HTTP client feature that allows an unauthenticated, remote attacker to read and modify data that should normally be sent via an encrypted channel. This vulnerability is due to TCP port information not...
CVE-2017-18191
OpenStack Nova has a vulnerability in the handling of encrypted volumes. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. All Nova installations supporting...
Juniper Junos CVE-2019-0069 Local Information Disclosure Vulnerability
Description Juniper Junos is prone to a local information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The following versions of Juniper Junos are affected: Juniper Junos 15.1X49 versions prior to...
Juniper SBR Carrier CVE-2019-0072 Information Disclosure Vulnerability
Description Juniper SBR Carrier is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The following product versions are affected: Juniper SBR Carrier versions from 8.4.1 prior to 8.4.1R13...
USN-4150-1 thunderbird vulnerabilities
It was discovered that encrypted S/MIME parts in a multipart message can leak plaintext contents when included in a HTML reply or forward in some circumstances. If a user were tricked in to replying to or forwarding a specially crafted message, an attacker could potentially exploit this to obtain...
Xpdf null pointer dereference vulnerability (CNVD-2019-38488)
Xpdf is an open source PDF reader from Foo Labs. The product supports decoding LZW compressed format files and read encrypted PDF files. Xpdf suffers from a null pointer dereference vulnerability. An attacker could exploit this vulnerability to cause the application to crash...
OpenSSL Information Disclosure Vulnerability (CNVD-2019-38486)
OpenSSL is an open source capable general-purpose cryptographic library from the OpenSSL team that implements the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. The product supports a variety of cryptographic algorithms , including symmetric ciphers , hash algorithms ,...