Authorization Bypass

Keylime is vulnerable to an attack which allows an attacker to Bypass the Challenge-Response Protocol during agent registration. The vulnerability occurs due to the registrar disclosing the correct "authtag" in the error message. This could allow an attacker to simply record the correct expected...

GHSA-F4R5-Q63F-GCWW Keylime registrar and (untrusted) Agent can be bypassed by an attacker

Impact A security issue was found in the Keylime registrar code which allows an attacker to effectively bypass the challenge-response protocol used to verify that an agent has indeed access to an AIK which in indeed related to the EK. When an agent starts up, it will contact a registrar and provi...

Apple QuickTime Player buffer overflow

Buffer overflow on HTTP error message displaying...

Microsoft Internet Explorer 6.0 SP2 - File Download Security Warning Bypass

Microsoft Internet Explorer 6.0 SP2 - File Download Security Warning Bypass Orginal Advisory and exploit by cyberflash Vengy Circumvent Windows XP SP2 security features using execCommand 'SaveAs' function! Demonstration: Notice that you don't receive any warning messages such as: "File Download -...