19 matches found
EUVD-2019-10100
Malware in sbrugna...
EUVD-2016-8880
Malware in sbrugna...
EUVD-2016-0554
Malware in sbrugna...
The Age of Integrity
We need to talk about data integrity. Narrowly, the term refers to ensuring that data isn’t tampered with, either in transit or in storage. Manipulating account balances in bank databases, removing entries from criminal records, and murder by removing notations about allergies from medical record...
CVE-2020-1759
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the...
CVE-2020-1759
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the...
CVE-2020-1759
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the...
CVE-2020-1759
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the...
CVE-2020-1759
A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious...
OpenSSL: ChaCha20-Poly1305 with long nonces (CVE-2019-1543) - Windows
OpenSSL is prone to a vulnerability which allows a nonce reuse. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl";...
EulerOS 2.0 SP3 : openssl110f (EulerOS-SA-2019-1328)
According to the version of the openssl110f packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value...
Design/Logic Flaw
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value IV should be 96 bits 12 bytes. OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also...
CVE-2019-1543
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value IV should be 96 bits 12 bytes. OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also...
Spoofing
Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine AVE 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file...
CVE-2016-8032
Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine AVE 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file...
CVE-2016-8032
The CVE-2016-8032 entry concerns Intel Security Anti-Virus Engine (AVE) versions 5200–5800. According to the provided documents, a vulnerability in AVE allows a local attacker to bypass local security protections by supplying a crafted input file. The impact described is bypass of security protec...
CVE-2016-8032
Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine AVE 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file...
Spoofing
Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine AVE 5200 through 5800 allows local users to bypass local security protection via a crafted input file...
CVE-2016-8031
Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine AVE 5200 through 5800 allows local users to bypass local security protection via a crafted input file...