Lucene search
K

794 matches found

RedHat Linux
RedHat Linux
added 2014/01/27 7:54 p.m.7 views

OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle ha...

4CVSS6.4AI score0.02414EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2014/01/21 12:0 a.m.31 views

CentOS Update for java CESA-2014:0027 centos5

Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2014:0027 centos5 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

10CVSS0.1AI score0.08383EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/01/21 12:0 a.m.264 views

Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2014:011)

Multiple vulnerabilities has been discovered and corrected in java-1.7.0-openjdk : An input validation flaw was discovered in the font layout engine in the 2D component. A specially crafted font file could trigger Java Virtual Machine memory corruption when processed. An untrusted Java applicatio...

10CVSS6.4AI score0.08383EPSS
Exploits1References17
RedHat Linux
RedHat Linux
added 2014/01/15 7:17 p.m.4 views

OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle ha...

4CVSS6.4AI score0.02414EPSS
Exploits0References5
NVD
NVD
added 2014/01/15 4:8 p.m.20 views

CVE-2014-0411

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle ha...

4CVSS4.4AI score0.02414EPSS
Exploits0References71
Prion
Prion
added 2014/01/15 4:8 p.m.20 views

Design/Logic Flaw

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle ha...

4CVSS5.7AI score0.02414EPSS
Exploits0References71Affected Software3
Cent OS
Cent OS
added 2014/01/15 11:16 a.m.67 views

java security update

CentOS Errata and Security Advisory CESA-2014:0027 Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring Syst...

10CVSS6.3AI score0.08383EPSS
Exploits1References7
ThreatPost
ThreatPost
added 2013/11/01 10:8 a.m.11 views

How Dark Mail Plans to Build an Open, Secure Email Platform

The new Dark Mail Alliance formed this week by Lavabit and Silent Circle will offer an open platform for secure email that will use existing protocols and cloud storage as a way to evade surveillance. The new system, which should be available next year, is in some ways a throwback to the...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/07/26 12:0 a.m.18 views

FreeBSD : gnupg -- side channel attack on RSA secret keys (80771b89-f57b-11e2-bf21-b499baab0cbe)

A Yarom and Falkner paper reports : Flush+Reload is a cache side-channel attack that monitors access to data in shared pages. In this paper we demonstrate how to use the attack to extract private encryption keys from GnuPG. The high resolution and low noise of the Flush+Reload attack enables a sp...

5.7AI score
Exploits0References3
FreeBSD
FreeBSD
added 2013/07/18 12:0 a.m.17 views

gnupg -- side channel attack on RSA secret keys

A Yarom and Falkner paper reports: Flush+Reload is a cache side-channel attack that monitors access to data in shared pages. In this paper we demonstrate how to use the attack to extract private encryption keys from GnuPG. The high resolution and low noise of the Flush+Reload attack enables a spy...

3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2013/07/17 10:29 a.m.14 views

Microsoft Asks AG to Let It Publish Detailed Data Request Information

Microsoft, responding to allegations that the company has helped the NSA circumvent encryption in Skype and Outlook.com and provided direct access to data from those and other services, says that it does none of those things and is petitioning the government for permission to publish more...

7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2013/05/09 2:55 p.m.14 views

Name.com Data Breach Forces Password Breach

Domain registrar Name.com has informed its customers via email of a data breach and asked them to reset their passwords. The company, based in Denver, said it discovered a breach and customer account information such as encrypted credentials and credit card numbers may have been accessed along wi...

0.7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/03/09 12:0 a.m.42 views

Ubuntu 7.04 / 7.10 / 8.04 LTS : openssl vulnerability (USN-612-1)

A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledg...

7.8CVSS6.5AI score0.70721EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2012/10/12 12:0 a.m.16 views

Windows Phone7 < 7.10.8107 Out-of-Date SSL Certificate Blacklist

Binary data windowsphone7108107.nbin...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2012/07/03 12:0 a.m.23 views

Ubuntu Update for python-crypto USN-1484-1

Ubuntu Update for Linux kernel vulnerabilities USN-1484-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14841.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for python-crypto USN-1484-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.ne...

4.3CVSS7.7AI score0.02727EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2012/07/03 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-1484-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS9.6AI score0.02727EPSS
Exploits2References2
Exploit DB
Exploit DB
added 2012/04/12 12:0 a.m.33 views

EMC IRM License Server 4.6.1.1995 - Denial of Service

Luigi Auriemma Application: EMC IRM License Server http://www.emc.com Versions: = 4.6.1.1995 Platforms: Windows Bugs: A "version compat check" FIPS NULL pointer B freezing caused by multiple commands C NULL pointer caused by commands after invalid version Exploitation: remote Date: 10 Apr 2012...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2011/12/29 12:13 p.m.11 views

Train-switching system can be vulnerable to DDoS attack

Train-switching system can be vulnerable to DDoS attack Hackers who have shut down websites by overwhelming them with web traffic could use the same approach to shut down the computers that control train switching systems, a security expert said at a hacking conference in Berlin. Prof. Stefan...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2011/11/22 2:14 p.m.13 views

How the Duqu Authors May Have Erred

Duqu has been called the spawn of Stuxnet, or maybe some sort of stepchild or second cousin. That initial analysis came from some similarities in the code of the two attack tools, and now that researchers have had more time to pull Duqu apart and see how it works, it seems more and more likely th...

7.3AI score
Exploits0References2
The Hacker News
The Hacker News
added 2011/11/21 11:19 a.m.2 views

Is it hard to crack full Disk Encryption For Law Enforcement ?

Is it hard to crack full Disk Encryption For Law Enforcement ? If you'd rather keep your data private, take heart: disk encryption is a lot harder to break than techno-thriller movies and TV shows make it out to be, to the chagrin of some branches of law enforcement. MrSeb writes with word of a...

7.1AI score
Exploits0
Rows per page
Query Builder