Lucene search
K

226 matches found

myhack58
myhack58
added 2015/08/24 12:0 a.m.23 views

Camera 3 6 0 applications privacy data breach analysis-vulnerability warning-the black bar safety net

A lot of popular Android apps leak privacy data. We found another popular Google Play app,“Camera 3 6 0 Ultimate”,not only for the user's photos are optimized, but also inadvertently leaked the private data that can allow a malicious user is not authenticated access to the user Camera 3 6 0 cloud...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/07/06 12:0 a.m.81 views

CentOS 5 : openssl (CESA-2015:1197) (Logjam)

Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available fo...

7.5CVSS7.2AI score0.9986EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2015/05/13 1:33 p.m.8 views

SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

5CVSS6.7AI score0.73851EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/05/06 12:0 a.m.249 views

Debian: Security Advisory (DSA-3253-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.5AI score0.99999EPSS
Exploits23References3
RedHat Linux
RedHat Linux
added 2015/04/13 11:54 a.m.62 views

Moderate: Red Hat Security Advisory: openssl security update

Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...

7.5CVSS7.2AI score0.98685EPSS
Exploits2References11
NVD
NVD
added 2015/04/01 2:0 a.m.23 views

CVE-2015-2808

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

5CVSS4.5AI score0.73851EPSS
Exploits0References101
Prion
Prion
added 2015/04/01 2:0 a.m.24 views

Design/Logic Flaw

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

5CVSS6.8AI score0.73851EPSS
Exploits0References101Affected Software29
Cvelist
Cvelist
added 2015/04/01 12:0 a.m.34 views

CVE-2015-2808

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

4.9AI score0.73851EPSS
Exploits0References101
Debian CVE
Debian CVE
added 2015/04/01 12:0 a.m.66 views

CVE-2015-2808

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

5CVSS5.4AI score0.73851EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/03/31 12:0 a.m.119 views

CVE-2015-2808

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

5CVSS6.3AI score0.73851EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.56 views

Mandriva Linux Security Advisory : openssl (MDVSA-2015:062)

Multiple vulnerabilities has been discovered and corrected in openssl : Race condition in the ssl3readbytes function in s3pkt.c in OpenSSL through 1.0.1g, when SSLMODERELEASEBUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service use-after-free and...

7.5CVSS8.2AI score0.99999EPSS
Exploits106References27
Cent OS
Cent OS
added 2015/03/23 9:19 p.m.85 views

openssl security update

CentOS Errata and Security Advisory CESA-2015:0716 Updated openssl packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS ba...

7.5CVSS7.1AI score0.44503EPSS
Exploits2References7
Cent OS
Cent OS
added 2015/01/26 7:17 p.m.82 views

java security update

CentOS Errata and Security Advisory CESA-2015:0085 Updated java-1.6.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring...

10CVSS6.8AI score0.99999EPSS
Exploits12References7
OpenVAS
OpenVAS
added 2015/01/23 12:0 a.m.38 views

CentOS Update for java CESA-2015:0068 centos5

Check the version of java SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882094";...

10CVSS6.3AI score0.06877EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.29 views

Oracle Solaris Third-Party Patch Update : fetchmail (multiple_vulnerabilities_in_fetchmail) (BEAST)

The remote Solaris system is missing necessary patches to address security updates : - The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained...

5.8CVSS6.7AI score0.73327EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.52 views

Oracle Solaris Third-Party Patch Update : openssl (multiple_vulnerabilities_in_openssl6) (POODLE)

The remote Solaris system is missing necessary patches to address security updates : - Memory leak in d1srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service memory consumption via a crafted handshake message. CVE-2014-3513 - The SSL...

7.1CVSS6.4AI score0.99999EPSS
Exploits7References6
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.49 views

Oracle Solaris Third-Party Patch Update : python (multiple_vulnerabilities_in_python) (BEAST)

The remote Solaris system is missing necessary patches to address security updates : - The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained...

5CVSS6.4AI score0.73327EPSS
Exploits9References6
Check Point Advisories
Check Point Advisories
added 2014/12/28 12:0 a.m.5 views

Microsoft Windows Secure Sockets Layer Version 3.0 - Ver2 (CVE-2004-0120)

Secure Socket Layer SSL is a cryptographic protocol that provides security and data integrity for communications over TCP/IP networks. The protocol is considered obsolete and insecure. This protection can detect and prevent connections attempting to use this protocol. In particular, this protecti...

5CVSS2.9AI score0.55583EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/12/01 12:0 a.m.52 views

SuSE 11.3 Security Update : IBM Java (SAT Patch Number 9992)

java-160-ibm has been updated to version 1.6.0sr16.2 to fix 18 security issues. These security issues has been fixed : - Unspecified vulnerability in Oracle Java SE 6u81. CVE-2014-3065 - The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding,...

10CVSS6.3AI score0.99999EPSS
Exploits8References43
OSV
OSV
added 2014/11/19 10:21 a.m.9 views

SUSE-SU-2015:0343-2 Security update for IBM Java

java-160-ibm has been updated to version 1.6.0sr16.2 to fix 18 security issues. These security issues have been fixed: Unspecified vulnerability in Oracle Java SE 6u81 CVE-2014-3065. The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, whi...

10CVSS5.7AI score0.99999EPSS
Exploits12References107
Rows per page
Query Builder