CVE-2024-52925

In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution can be performed by an attacker via the MD Kiosk Unlock Device feature for software encrypted USB drives...

CVE-2024-52925

In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution can be performed by an attacker via the MD Kiosk Unlock Device feature for software encrypted USB drives...

CGA-MHWF-FPRC-G83H

Bulletin has no description...

SUSE-SU-2024:1773-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2023-5992: Fixed a side-channel leaks while stripping encryption PKCS1 padding bsc1219386...

Ross Anderson

Ross Anderson unexpectedly passed away Thursday night in, I believe, his home in Cambridge. I cant remember when I first met Ross. Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and...

CVE-2023-51392

Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks...

CVE-2019-18630

On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200, portions of the drive containing executable code were not encrypted thus leaving it open to potential cryptographic information disclosure...

Self-Encrypting Drive Vulnerabilities - US

Lenovo Security Advisory: LEN-25256 Potential Impact: Information disclosure Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-12037, CVE-2018-12038, CVE-2019-10636, CVE-2019-10705, CVE-2019-10706, CVE-2019-11686 Summary Description: As reported in CERT Coordination Center...

Self-Encrypting Drive Vulnerabilities - Lenovo Support US

No description provided...

November 2018 Patch Tuesday – 62 Vulns, TFTP Server RCE, Adobe PoC

This month's Patch Tuesday addresses 62 vulnerabilities, with 12 of them labeled as Critical. Out of the Criticals, 8 are for the Chakra Scripting Engine used by Microsoft Edge. A Remote Code Execution vulnerability in Windows Deployment Services' TFTP server is also addressed in this release...

Guidance for configuring BitLocker to enforce software encryption

Microsoft is aware of reports of vulnerabilities in the hardware encryption of certain self-encrypting drives SEDs. Customers concerned about this issue should consider using the software only encryption provided by BitLocker Drive Encryption™. On Windows computers with self-encrypting drives,...

KLA11345 Guidance for configuring BitLocker to enforce software encryption

Microsoft is aware of reports of vulnerabilities in the hardware encryption of certain self-encrypting drives and recommends customers to use the software only encryption provided by BitLocker Drive Encryption. For the details, see ADV180028 Original advisories ADV180028 Related products...

Microsoft Windows: Use of hardware-based encryption (software encryption failover)

This policy setting allows you to manage BitLocker Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

kernel: net: mac80211: plain text information leak

An information leak flaw was found in the Linux kernel's IEEE 802.11 wireless networking implementation. When software encryption was used, a remote attacker could use this flaw to leak up to 8 bytes of plaintext...

kernel: net: mac80211: plain text information leak

An information leak flaw was found in the Linux kernel's IEEE 802.11 wireless networking implementation. When software encryption was used, a remote attacker could use this flaw to leak up to 8 bytes of plaintext...

openSUSE 10 Security Update : seamonkey (seamonkey-3631)

This update brings Mozilla SeaMonkey to security update version 1.1.2 - MFSA 2007-17 / CVE-2007-2871 : Chris Thomas demonstrated that XUL popups opened by web content could be placed outside the boundaries of the content area. This could be used to spoof or hide parts of the browser chrome such a...

openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-3545)

This update brings Mozilla Thunderbird to security update version 1.5.0.12. - MFSA 2007-17 / CVE-2007-2871 : Chris Thomas demonstrated that XUL popups opened by web content could be placed outside the boundaries of the content area. This could be used to spoof or hide parts of the browser chrome...

Mozilla Foundation Security Advisory 2007-15

Title: Security Vulnerability in APOP Authentication Impact: Moderate Announced: May 30, 2007 Reporter: Gatan Leurent Products: Thunderbird, SeaMonkey Fixed in: Thunderbird 1.5.0.12 Thunderbird 2.0.0.4 SeaMonkey 1.0.9 SeaMonkey 1.1.2 Description Gatan Leurent informed us of a weakness in APOP...

Security Vulnerability in APOP Authentication — Mozilla

Gaëtan Leurent informed us of a weakness in APOP authentication that could allow an attacker to recover the first part of your mail password if the attacker could interpose a malicious mail server on your network masquerading as your legitimate mail server. With normal settings it could take...