10 matches found
CVE-2014-10374
On Fitbit activity-tracker devices, certain addresses never change. According to the popets-2019-0036.pdf document, this leads to "permanent trackability" and "considerable privacy concerns" without a user-accessible anonymization feature. The devices, such as Charge 2, transmit Bluetooth Low...
Mozilla: Keystroke Side-Channel Leakage
The Mozilla Foundation Security Advisory describes this flaw as: Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed...
Mozilla: Keystroke Side-Channel Leakage
The Mozilla Foundation Security Advisory describes this flaw as: Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed...
Mozilla: Keystroke Side-Channel Leakage
The Mozilla Foundation Security Advisory describes this flaw as: Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed...
Mozilla: Keystroke Side-Channel Leakage
The Mozilla Foundation Security Advisory describes this flaw as: Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed...
Mozilla: Keystroke Side-Channel Leakage
The Mozilla Foundation Security Advisory describes this flaw as: Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed...
Mozilla: Keystroke Side-Channel Leakage
The Mozilla Foundation Security Advisory describes this flaw as: Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed...
AlmaLinux 8 : thunderbird (ALSA-2022:8547)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:8547 advisory. - Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with...
Nova: DoS by allocating all Fixed IPs
OpenStack Compute Nova Grizzly, Folsom 2012.2, and Essex 2012.1 does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service resource exhaustion and failure to spawn new instances via a large number of calls to the addFixedIp function...
DEBIAN-CVE-2013-1838
OpenStack Compute Nova Grizzly, Folsom 2012.2, and Essex 2012.1 does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service resource exhaustion and failure to spawn new instances via a large number of calls to the addFixedIp function...