golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

CVE-2018-18203

A vulnerability in the update mechanism of Subaru StarLink Harman head units 2017, 2018, and 2019 may give an attacker with physical access to the vehicle's USB ports the ability to rewrite the firmware of the head unit. This occurs because the device accepts modified QNX6 filesystem images as lo...

IP. Board CMS malicious redirect analysis-vulnerability warning-the black bar safety net

IP. Board CMS is a famous CMS system, which allows users to easily create and manage online communities. And recently Sucuri researcher recently found a for the IP. Board of redirection. After analysis, researchers found that this attack has lasted 2 years. ! Visitors is a malicious redirect The...

Apple's SSL Vulnerability might allow NSA to hack iOS Devices Remotely

Just two days before Apple has disclosed a critical Security flaw in the SSL implementation on the iOS software that would allow man-in-the-middle attacks to intercept the SSL data by spoofing SSL servers. Dubbed as CVE-2014-1266, the so-called ‘goto fail;’ vulnerability in which the secure...

German Hacker Cracks GSM Call Encryption Code

German Hacker Cracks GSM Call Encryption Code A German computer boffin has worked out a way to crack code used to encrypt most of the world's mobile Internet traffic. Karsten Nohl is going to publish a guide to prompt global operators to improve their safeguards. Karsten Nohl and his team of 24...

N-point virtual host management system-fatal vulnerability. Pass to kill all versions-bug warning-the black bar safety net

This is N fatal vulnerability directly get Server Permissions. Because directly related to MYSQL, MSSQL SA and ROOT but encrypted in a way I also see in his encryption code. A bit confused that... I looked online also with no N-point virtual host management system of one aspect of the ODAY or the...

Tradecms English foreign trade enterprises web site v1. 0. Vulnerability analysis-vulnerability warning-the black bar safety net

Release time: 2010-07-15 Affected version: Tradecms English foreign trade enterprises web site v1. 0 Vulnerability description: injection vulnerabilities, cross-permissions vulnerability; Database address: ClkjDaTa/ClkjCms. mdb Database open password: The default account and password: user: admin...