19 matches found
CVE-2024-53097
In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fix MTE false alarm in dokrealloc This patch addresses an issue introduced by commit 1a83a716ec233 "mm: krealloc: consider spare memory for GFPZERO" which causes MTE Memory Tagging Extension to falsely report a...
Multi-DNC 安全漏洞
Multi-DNC is a completely software-based machine tool communication system from Multi-DNC. A security vulnerability exists in Multi-DNC that stems from path traversal...
Fully Offline Electronic Cash: Is It an Intractable Problem?
By Daily Contributors Is truly offline offline electronic Cash possible? Unlike Bitcoin, experts dig deeper into the technical hurdles of creating software-based cash that works without the internet. Discover why achieving this might be a tougher nut to crack than expected. This is a post from...
CVE-2023-20583 Software based Power Side Channel on AMD CPUs
A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information...
GSD-2023-1000491 fs/ntfs3: Add null pointer check to attr_load_runs_vcn
fs/ntfs3: Add null pointer check to attrloadrunsvcn This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.17 by commit...
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Software-Based SSL/TLS Denial of Service Vulnerability
A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. This...
CVE-2021-1402
A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to insufficient validati...
Input validation
A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to insufficient validati...
CVE-2021-1402 Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability
A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to insufficient validati...
Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability
A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to insufficient validati...
honggfuzz vulnerability mining technology principle analysis-vulnerability warning-the black bar safety net
Google AFLWinAFL, the libfuzzer and honggfuzz is the most famous of the three based on code coverage fuzzer is. Online on the AFLWinAFLanalysis of the articles more, and on the latter two Analysis Articles less. Before the spring brother has written about honggfuzz article: honggfuzz vulnerabilit...
Aerotech A3200 Software-Based Machine Controller Motion Module Detection
Binary data 763905.prm...
Self-encrypting hard drives do not adequately protect data
Overview There are multiple vulnerabilities in implementations of ATA Security or TCG Opal Standards in Self-Encrypting Disks SEDs, which can allow an attacker to decrypt contents of an encrypted drive. Description CVE-2018-12037 There is no cryptographic relation between the password provided by...
Microsoft Windows: Hardware-based encryption for OS drives (software encryption failover)
This policy setting allows you to manage BitLocker Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Microsoft Windows: Hardware-based encryption: BitLockers software-based encryption
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winhwencryptionbitlocker.nasl 11363 2018-09-12 13:46:05Z emoss $ Check value for Configure use of hardware-based encryption for fixed data drives: Use BitLocker software-based encryption when hardware encryption is not...
Microsoft Windows: Hardware-based encryption: Restrict encryption algorithms
This policy setting allows you to manage BitLocker Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Moderate: Red Hat Security Advisory: openstack-swift security update
Updated openstack-swift packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
Optimalog Optima PLC Multiple Vulnerabilities
Overview Independent researcher Luigi Auriemma identified a NULL Pointer Dereference and an Infinite Loop and released proof-of-concept exploit code for Optimalog’s Optima PLC application without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT. Optimalog...
Kerio Control Detection
Kerio Control formerly known as Kerio WinRoute is installed on the remote Windows host. It acts as a software-based firewall. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid51388; scriptversion"1.11"; scriptsetattributeattribute:"pluginmodificationdate",...