Lucene search

3266 matches found

Prion
added 2018/06/04 7:29 p.m. · 11 views

Design/Logic Flaw

Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions <=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header...

CVSS 5 · AI score 7.3 · EPSS 0.00161
Exploits 0 · References 2 · Affected Software 1
NVD
added 2018/06/04 7:29 p.m. · 17 views

CVE-2017-16005

Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions <=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header...

CVSS 7.5 · AI score 7.4 · EPSS 0.00161
Exploits 0 · References 2
CNVD
added 2018/06/04 12:00 a.m. · 1 view

Logic Design Vulnerability in LemHealth APP, a Smart Health Bracelet from Synerchip Technology

LemHealth APP is a health management software. A logical design vulnerability exists in the LemHealth APP, a smart health bracelet from Synergy Technology. An attacker can reset any password and perform unauthorized operations by catching packets and intercepting changes...

AI score 7
Exploits 0 · References 1
OSV
added 2018/06/01 6:29 p.m. · 1 view

CVE-2016-10582

closurecompiler is a Closure Compiler for node.js. closurecompiler downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker-controlled binary if the attacker is on...

CVSS 8.1 · AI score 6.3
Exploits 0 · References 1
Prion
added 2018/05/31 8:29 p.m. · 12 views

Hardcoded credentials

The airbrake module 0.3.8 and earlier defaults to sending environment variables over HTTP. Environment variables often contain secret keys and other sensitive values. A malicious user could be on the same network as a regular user and intercept all the secret keys the user is sending...

CVSS 4.3 · AI score 6.8 · EPSS 0.003
Exploits 0 · References 2 · Affected Software 1
OSV
added 2018/05/31 8:29 p.m. · 14 views

CVE-2016-10530

The airbrake module 0.3.8 and earlier defaults to sending environment variables over HTTP. Environment variables often contain secret keys and other sensitive values. A malicious user could be on the same network as a regular user and intercept all the secret keys the user is sending...

CVSS 5.9 · AI score 5.8
Exploits 0 · References 2
CVE
added 2018/05/31 8:00 p.m. · 51 views

CVE-2016-10530

The CVE-2016-10530 issue affects the airbrake Node.js module (versions ≤ 0.3.8). It defaults to sending environment variables over HTTP, exposing secrets on privileged networks. This is explicitly described in multiple Connected sources (Airbrake node advisory and CVE records). Impact is exposure...

CVSS 5.9 · AI score 5.5 · EPSS 0.003
Exploits 0 · References 2 · Affected Software 1
OSV
added 2018/05/29 8:29 p.m. · 2 views

CVE-2016-10566

install-nw is a module which quickly and robustly installs and caches NW.js. install-nw versions below 1.1.5 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker...

CVSS 8.1 · AI score 6.3 · EPSS 0.00735
Exploits 0 · References 1
Prion
added 2018/05/29 8:29 p.m. · 11 views

Remote code execution

scala-bin is a binary wrapper for Scala. scala-bin downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker-controlled binary if the attacker is on the network or...

CVSS 9.3 · AI score 8 · EPSS 0.00735
Exploits 0 · References 1 · Affected Software 1
Apple
added 2018/05/29 12:00 a.m. · 67 views

About the security content of watchOS 4.3.1

This document describes the security content of watchOS 4.3.1. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

CVSS 9.3 · AI score 0.5 · EPSS 0.89897
Exploits 46 · References 1 · Affected Software 1
Apple
added 2018/05/29 12:00 a.m. · 44 views

About the security content of iOS 11.4

This document describes the security content of iOS 11.4. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recen...

CVSS 9.3 · AI score 0.6 · EPSS 0.89897
Exploits 44 · References 1 · Affected Software 1
Debian
added 2018/05/25 9:02 p.m. · 22 views

[SECURITY] [DSA 4211-1] xdg-utils security update

Debian Security Advisory DSA-4211-1 · [email protected] · https://www.debian.org/security/ · Luciano Bello · May 25, 2018 · https://www.debian.org/security/faq ...

CVSS 6.8 · AI score 2 · EPSS 0.01003
Exploits 0
OSV
added 2018/05/14 8:29 p.m. · 1 view

CVE-2017-12129

An exploitable Weak Cryptography for Passwords vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. An attacker could intercept weakly encrypted passwords and could brute force them...

CVSS 8 · AI score 5.8 · EPSS 0.0008
Exploits 2 · References 1
Positive Technologies
added 2018/05/14 12:00 a.m. · 3 views

PT-2018-5370 · Moxa · Moxa Edr-810

Name of the Vulnerable Software and Affected Versions: Moxa EDR-810 version 4.1 build 17030317
Description: A weakness in cryptography for passwords exists in the web server functionality, allowing an attacker to intercept weakly encrypted passwords and potentially brute force them...

CVSS 8 · AI score 4.3 · EPSS 0.0008
Exploits 2 · References 2
UbuntuCve
added 2018/05/11 12:00 a.m. · 21 views

CVE-2018-5152

WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For example, this allows for the interception of username and an encrypted password during login to Firef...

CVSS 6.5 · AI score 6.8 · EPSS 0.00457
Exploits 0 · References 3
RedhatCVE
added 2018/05/10 6:21 a.m. · 30 views

CVE-2018-5152

WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For example, this allows for the interception of username and an encrypted password during login to Firef...

CVSS 6.5 · AI score 1.3 · EPSS 0.00457
Exploits 0 · References 2
CNVD
added 2018/05/09 12:00 a.m. · 2 views

Siemens Siveillance VMS Video for Android and iOS Incorrect Certificate Validation Vulnerability

Siemens Siveillance VMS Video for Android is an Android-based video management software from Siemens, Germany. Siveillance VMS Video for iOS is an iOS-based version. A security vulnerability exists in Siveillance VMS Video prior to 12.1a 2018 R1 for Android-based platforms and Siveillance VMS Vid...

CVSS 7.4 · AI score 6.7 · EPSS 0.00104
Exploits 0 · References 1
CNVD
added 2018/04/19 12:00 a.m. · 7 views

Moxa EDR-810 Weak Password Vulnerability

The Moxa EDR-810 is an industrial security router with firewall/NAT/VPN and managed Layer 2 switch functionality. It is designed for Ethernet-based security applications in remote control or monitoring networks. A weak password vulnerability exists in the web server functionality of the Moxa...

CVSS 8 · AI score 7.2 · EPSS 0.0008
Exploits 2 · References 1
Hacker One
added 2018/04/14 9:38 a.m. · 13 views

PortSwigger Web Security: burp does not validate the common name of the presented collaborator server certificate

Burp is not correctly validating the certificate presented by the collaborator server. It warns if it is a self-signed one, but if it is a legitimate one from any valid CA, it appears not to be checking the CN. This is an issue for the polling service, since it allows for the connection to be intercept...

AI score 0.2
Exploits 0
The Hacker News
added 2018/04/12 3:36 p.m. · 67 views

Hacker Can Steal Data from Air-Gapped Computers through Power Lines

Do you think it is possible to extract data from a computer using its power cables? If no, then you should definitely read about this technique. Researchers from Israel's Ben Gurion University of the Negev—who majorly focus on finding clever ways to exfiltrate data from an isolated or air-gapped...

AI score 0.9
Exploits 0