8706 matches found
GHSA-CQ94-QF6Q-MF2H Pysaml2 improperly initializes encryption vector
Python package pysaml2 version 4.5.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data...
Debian DLA-1421-1 : ruby2.1 security update
Multiple vulnerabilities were found in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-9096 SMTP command injection in Net::SMTP via CRLF sequences in a RCPT TO or MAIL FROM command. CVE-2016-2339 Exploitable heap...
Microsoft Windows: Boot-Start Driver Initialization Policy
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winbootstartdriverinitialization.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for Boot-Start Driver Initialization Policy Authors: Emanuel Moss Copyright: Copyright (c) 2018 Greenbone Networks GmbH,...
CVE-2018-10811
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable...
DEBIAN-CVE-2018-10811
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable...
Design/Logic Flaw
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable...
Debian DSA-4229-1 : strongswan - security update
Two vulnerabilities were discovered in strongSwan, an IKE/IPsec suite. CVE-2018-5388: The stroke plugin did not verify the message length when reading from its control socket. This vulnerability could lead to denial of service. On Debian write access to the socket requires root permission on...
Code injection
In the MDSS driver in all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, a data structure may be used without being initialized correctly...
CVE-2018-5860
In the MDSS driver in all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, a data structure may be used without being initialized correctly...
CVE-2018-8121
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8207...
Trend Micro OfficeScan Refresh Vulnerability
Trend Micro OfficeScan is a suite of distributed anti-virus software from Trend Micro. A security vulnerability exists in Trend Micro OfficeScan version 11.0 SP1 and XG. The vulnerability is due to a lack of proper validation of the length of user-supplied data before that length is used to...
CVE-2018-5840
CVE-2018-5840 is a Buffer Copy without Checking Size of Input in the DRM SDE driver initialization path of the Android/Linux kernel (CAF variants). The NVD entry states the impact as high (local, user interaction required), rated high under both CVSS3 and CVSS2. Affected component appears in the Qualcomm G...
TuyaUS Client Session Initialization Detection via HTTP
Binary data 700265.prm...
SELA Buffer Error Vulnerability
SELA (aka SimplE Lossless Audio) is a lossless audio encoder/decoder. A stack buffer overflow vulnerability exists in the 'initapev2keys' function in the core/apev2.c file in SELA version 0.1.2-alpha. A detailed vulnerability description is not available at this time...