11 matches found
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation via improper verification of AWS EC2 identity documents in the aws-iid process. An attacker can cause the system to accept forged identity documents by providing documents with missing or invalid...
EUVD-2007-0268
Malware in sbrugna...
PROTEAN: Federated Intrusion Detection in Non-IID Environments through Prototype-Based Knowledge Sharing
In distributed networks, participants often face diverse and fast-evolving cyberattacks. This makes techniques based on Federated Learning FL a promising mitigation strategy. By only exchanging model updates, FL participants can collaboratively build detection models without revealing sensitive...
The vulnerability of the ps_mix_phase function in the libfaad/ps_dec.c component of the Freeware Advanced Audio Decoder 2 (FAAD2) allows a hacker to gain access to confidential data and also trigger a service failure.
The vulnerability of the psmixphase function in the libfaad/psdec.c component of the Freeware Advanced Audio Decoder 2 FAAD2 decoder is related to the lack of checking for the iidindex. Exploiting this vulnerability allows an attacker to gain access to confidential data and also cause service...
CVE-2019-10896
Wireshark CVE-2019-10896 affects DOF dissector in versions 2.4.0–2.4.13, 2.6.0–2.6.7, and 3.0.0. The root cause is improper handling of generated IID and OID bytes in epan/dissectors/packet-dof.c, which could cause a crash. The vulnerability is addressed by the DOF dissector fix in that file. Rem...
EUVD-2019-2618
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes...
CVE-2019-10896
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes...
PT-2018-3818 · Audiocoding +2 · Faad2 +2
Name of the Vulnerable Software and Affected Versions: Freeware Advanced Audio Decoder 2 FAAD2 versions 2.8.8 Description: The issue is related to a buffer over-read in the ps mix phase function of the libfaad/ps dec.c component of the Freeware Advanced Audio Decoder 2 FAAD2 audio decoder. This i...
JVN#24238648: RBB SPEED TEST App fails to verify SSL server certificates
RBB SPEED TEST App provided by IID, Inc. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update to the latest version according to the information provided by the developer...
CVE-2007-0266
SQL injection vulnerability in boxx/ShowAppendix.asp in Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the iid parameter...
CVE-2007-0265
Multiple cross-site scripting XSS vulnerabilities in Ezboxx Portal System Beta 0.7.6 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the pic parameter to custom/piczoom.asp, 2 the nocatname parameter to boxx/user-upload.asp, or 3 the iid parameter to...