35 matches found
ethical-hacking-security-labs
Ethical Hacking & Network Security Lab Portfolio A hands-on...
CVE-2026-22702
virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a rac...
EUVD-2021-11034
Malware in sbrugna...
In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.
...
CVE-2021-24117
In Apache Teaclave Rust SGX SDK 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level administrator attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single...
The vulnerability of the Kernel component in operating systems such as MacOs, tvOs, watchOs, iPadOs, and iOS allows attackers to influence data integrity.
The vulnerability of the Kernel component in macOS, tvOS, watchOS, iPadOS, and iOS is related to deficiencies in access control within isolated environments. Exploiting this vulnerability could allow attackers to compromise data integrity...
GHSA-VMG2-R3XV-R3XF Simulation of Wasmd message can cause crashing
CWA-2024-009 Severity Low Marginal + Likely^1 Affected versions: - wasmd 0.53.1 Patched versions: - wasmd 0.53.2 please note that wasmd 0.53.1 is broken and must not be used Description of the bug Blank for now. We'll add more detail once chains had a chance to upgrade. Mitigations Apart from...
[SECURITY] Fedora 39 Update: python-virtualenv-20.21.1-25.fc39
virtualenv is a tool to create isolated Python environments. virtualenv is a successor to workingenv, and an extension of virtual-python. It is written by Ian Bicking, and sponsored by the Open Planning Project. It is licensed under an MIT-style permissive license...
[SECURITY] Fedora 41 Update: python-virtualenv-20.21.1-25.fc41
virtualenv is a tool to create isolated Python environments. virtualenv is a successor to workingenv, and an extension of virtual-python. It is written by Ian Bicking, and sponsored by the Open Planning Project. It is licensed under an MIT-style permissive license...
The vulnerability of the Scalefusion MDM Agent software, related to deficiencies in access control within isolated environments, allows a perpetrator to influence the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Scalefusion MDM Agent software management tool is related to deficiencies in access control within the isolated environment. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the Avast Premium Security antivirus protection lies in its lack of access control mechanisms within isolated environments. This allows attackers to enhance their privileges and execute arbitrary codes.
The vulnerability of the Avast Premium Security antivirus protection lies in its lack of access control mechanisms in isolated environments when processing namespace objects. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...
The vulnerability of the Avast Premium Security antivirus protection lies in its lack of access control mechanisms within isolated environments. This allows attackers to enhance their privileges and execute arbitrary codes.
The vulnerability of the Avast Premium Security antivirus protection lies in its lack of access control mechanisms in isolated environments when processing namespace objects. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...
The vulnerability of the Portals components in Google Chrome and Microsoft Edge allows a hacker to escape from an isolated software environment.
The vulnerability of the Portals components in Google Chrome and Microsoft Edge is related to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to escape from an isolated software environment remotely...
CVE-2021-24117
In Apache Teaclave Rust SGX SDK 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level administrator attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single...
CVE-2021-24117
In Apache Teaclave Rust SGX SDK 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level administrator attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single...
DEBIAN-CVE-2021-24119
In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level administrator attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single...
CVE-2021-24119
In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level administrator attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single...
CVE-2021-24116
In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-level administrator attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped,...
CVE-2021-24119
In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level administrator attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single...
DEBIAN-CVE-2021-24116
In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-level administrator attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped,...