57 matches found
Microsoft Windows Server 2012 - 'Group Policy' Security Feature Bypass (MS15-014)
Exploit Title: Microsoft Windows Server 2012 - 'Group Policy' Security Feature Bypass Date: 2019-10-28 Exploit Author: Thomas Zuk Version: Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows...
CVE-2018-1000168
nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...
nghttp2: Null pointer dereference when too large ALTSVC frame is received
nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...
Microsoft Windows: Microsoft network client: Send unencrypted password to third-party SMB servers
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winncunencryptedpasswordsmb.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Microsoft network client: Send unencrypted password to third-party SMB servers Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone...
Microsoft Windows: Microsoft network client: Digitally sign communications (always)
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winncdigitallysigncommunicationsalways.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Microsoft network client: Digitally sign communications always Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone...
Microsoft Windows: Microsoft network client: Digitally sign communications (if server agrees)
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winncdigitallysigncommunicationsserveragrees.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Microsoft network client: Digitally sign communications if server agrees Authors: Emanuel Moss Copyright: Copyright c 201...
Medium: nghttp2
Issue Overview: nghttp2 version = 1.10.0 and nghttp2 = 1.31.1. CVE-2018-1000168 Affected Packages: nghttp2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum updat...
CVE-2018-1000168
nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...
Input validation
nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...
CVE-2018-1000168
nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...
CVE-2018-1000168
nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...
CVE-2018-1000168
nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...
Code injection
rhnregks in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Gluster Storage 2.1 and Enterprise Linux RHEL 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle atta...
CVE-2015-1777
rhnregks in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Gluster Storage 2.1 and Enterprise Linux RHEL 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle atta...
CVE-2015-1777
rhnregks in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Gluster Storage 2.1 and Enterprise Linux RHEL 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle atta...
CVE-2015-1777
rhnregks in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Gluster Storage 2.1 and Enterprise Linux RHEL 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle atta...
CVE-2015-1777
CVE-2015-1777 affects rhnreg_ks in Red Hat Network Client Tools (rhn-client-tools) on Red Hat Gluster Storage 2.1 and RHEL 5, 6, 7. The component fails to properly validate hostnames in X.509 certificates from SSL servers, enabling a remote MITM that can prevent system registration. Root cause: h...
CVE-2018-1000168
nghttp2 version = 1.10.0 and nghttp2 = 1.31.1...
AT&T Global Network Client - Certificates or keys found, Customized SSL, Dynamic Code Loading vulnerabilities
HackApp vulnerability scanner discovered that application AT&T Global Network Client published at the 'play' market has multiple vulnerabilities...
The vulnerability of Cisco VPN Client software allows a malicious individual to increase their privileges.
The vulnerability in dne2000.sys of Citrix Deterministic Network Enhancer for Cisco VPN Client, Blue Coat WinProxy, SafeNet SoftRemote, and HighAssurance Remote allows local users to elevate their privileges by using a specially crafted request called DNEIOCTL DeviceIoControl to the \.\DNE device...