Lucene search
K

5 matches found

GoogleProjectZero
GoogleProjectZero
added 2024/10/25 12:0 a.m.59 views

The Windows Registry Adventure #4: Hives and the registry layout

Posted by Mateusz Jurczyk, Google Project Zero To a normal user or even a Win32 application developer, the registry layout may seem simple: there are five root keys that we know from Regedit abbreviated as HKCR, HKLM, HKCU, HKU and HKCC, and each of them contains a nested tree structure that serv...

7.8CVSS6.4AI score0.08698EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2022/06/01 10:21 p.m.6 views

Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue as an attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have...

6.5CVSS7.3AI score0.00594EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/06/01 9:8 p.m.4 views

Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue as an attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have...

6.5CVSS7.3AI score0.00594EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/06/01 8:30 p.m.5 views

Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue as an attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have...

6.5CVSS7.3AI score0.00594EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2022/05/31 2:53 p.m.27 views

CVE-2022-31742

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue as an attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have...

6.5CVSS2.9AI score0.00594EPSS
Exploits0References3
Rows per page
Query Builder