Lucene search
K

49 matches found

OSV
OSV
added 2018/07/10 2:29 p.m.4 views

UBUNTU-CVE-2018-1128

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions...

7.5CVSS6.8AI score0.01374EPSS
Exploits0References2
OSV
OSV
added 2018/07/10 2:29 p.m.2 views

DEBIAN-CVE-2018-1128

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions...

7.5CVSS7.9AI score0.01374EPSS
Exploits0References1
OSV
OSV
added 2018/07/10 2:29 p.m.4 views

UBUNTU-CVE-2018-10861

A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected...

8.1CVSS6.8AI score0.03249EPSS
Exploits0References2
CVE
CVE
added 2018/07/10 2:0 p.m.382 views

CVE-2018-1128

CVE-2018-1128 describes a replay vulnerability in the Cephx authentication protocol where a packet sniffer on a Ceph cluster network can authenticate to Ceph services due to insufficient verification of clients. The issue affects the msgr2 protocol (used by most Ceph communication) and can compro...

7.5CVSS7AI score0.01374EPSS
Exploits0References12Affected Software7
Debian CVE
Debian CVE
added 2018/07/10 2:0 p.m.68 views

CVE-2018-1128

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions...

7.5CVSS8AI score0.01374EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2018/07/10 12:0 a.m.4 views

PT-2018-10454

Name of the Vulnerable Software and Affected Versions Ceph branches master, mimic, luminous, and jewel are believed to be vulnerable. Description A flaw was found in the way signature calculation was handled by the cephx authentication protocol. An attacker with access to the Ceph cluster network...

9.8CVSS8.2AI score0.08743EPSS
Exploits19References592
hackapp
hackapp
added 2016/04/01 9:23 a.m.13 views

Luminous Kika Keyboard Theme - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Luminous Kika Keyboard Theme published at the 'play' market has multiple vulnerabilities...

0.2AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:19 a.m.11 views

Luminous Hola Launcher Theme - Dangerous filesystem permissions, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Luminous Hola Launcher Theme published at the 'play' market has multiple vulnerabilities...

0.3AI score
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2011/09/02 1:18 a.m.12 views

Persistent XSS vulnerability in eBuddy Web Messenger

Persistent XSS vulnerability in eBuddy Web Messenger A team member from Virtual Luminous Security, Russian Federation, has discovered a persistent XSS vulnerability in eBuddy the biggest web IM solution in the world by transmitting messages with embedded encoded javascript code. In-depth detail...

6.4AI score
Exploits0
Rows per page
Query Builder