CVE-2026-45041 RustFS: Hard-coded RSA private key in license verifier permits arbitrary license forgery

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, crates/appauth/src/token.rs ships a 2048-bit RSA private key as a string constant named TESTPRIVATEKEY and uses it in production via parselicense to "verify" license tokens. Because the key is embedded in every...

rustfs 安全漏洞

RustFS is a high-performance object storage system developed by RustFS. Versions of RustFS prior to 1.0.0-beta.2 contained a security vulnerability. This vulnerability stemmed from the use of embedded test private keys for license verification, allowing anyone to forge any license token...

EUVD-2021-22795

Malware in sbrugna...

CVE-2021-36174

A memory allocation with excessive size value vulnerability in the license verification function of FortiPortal before 6.0.6 may allow an attacker to perform a denial of service attack via specially crafted license blobs...

Licensed uberAgent still shows Evaluation Version splash screen at login

An operating system with uberAgent installed continues to show a splash screen during user login, stating the agent is running an Evaluation Version. The uberAgent.log file shows messages similar to the following: 2024-12-06 13:50:25.560 +0100,INFO ,WORKGROUP,SRV2016$,6372,LicenseCheck,Starting...

uberAgent fails to start due to invalid license signature

Attempting to start the uberAgent service results in a failure. The uberAgent.log file shows messages similar to the following: 2024-12-06 13:50:25.560 +0100,ERROR,WORKGROUP,SRV2016$,6372,LicenseCheck,Failed to read or verify the license file: C:\ProgramData\vast limits\uberAgent\License...

uberAgent on MacOS displays splash screen at login, fails to recognize license file

uberAgent on MacOS displays a splash screen at login advising users: "Evaluation Version. Not for Production Use." uberAgent.log will show failure to read the licensing file. LicenseCheck,Starting license verification LicenseCheck,Copying license files from to cache LicenseCheck,Reading license...

CVE-2024-44087

A vulnerability has been identified in Automation License Manager V5 All versions, Automation License Manager V6.0 All versions V6.0 SP12 Upd3, Automation License Manager V6.2 All versions V6.2 Upd3. Affected applications do not properly validate certain fields in incoming network packets on port...

NiceRAT Malware Targets South Korean Users via Cracked Software

Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which target South Korean users, are designed to propagate the malware under the guise of cracked software, such as Microsoft Windows, or tools that purport to offer license...

CVE-2021-36174

A memory allocation with excessive size value vulnerability in the license verification function of FortiPortal before 6.0.6 may allow an attacker to perform a denial of service attack via specially crafted license blobs...

Design/Logic Flaw

A memory allocation with excessive size value vulnerability in the license verification function of FortiPortal before 6.0.6 may allow an attacker to perform a denial of service attack via specially crafted license blobs...

CVE-2021-36174

A memory allocation with excessive size value vulnerability in the license verification function of FortiPortal before 6.0.6 may allow an attacker to perform a denial of service attack via specially crafted license blobs...

CVE-2021-36174

A memory allocation with excessive size value vulnerability in the license verification function of FortiPortal before 6.0.6 may allow an attacker to perform a denial of service attack via specially crafted license blobs...

FortiPortal - Uncontrolled memory allocation

A memory allocation with excessive size value vulnerability CWE-789 in the license verification function of FortiPortal may allow an attacker to perform a denial of service attack via specially crafted license blobs...

ExpressionEngine: License verification mechanism can be bypassed

@unbaiat discovered that an invalid license file could be accepted as valid in certain circumstances. @unbaiat gave a detailed report with step-by-step instructions for replicating, enabling a speedy resolution to the issue...

Office 365 Activation Error: Cannot Verify the License Currently Installed for This Product

Office 365 2016 Activation with error: Cannot verify the license currently installed for this product...

Google license verification cracked with Android

Exploit for Android platform in category web applications This is private exploit. You can buy it at https://0day.today...