Lucene search
K

80 matches found

The Hacker News
The Hacker News
added 2020/05/19 1:50 p.m.72 views

British Airline EasyJet Suffers Data Breach Exposing 9 Million Customers' Data

British low-cost airline EasyJet today admitted that the company has fallen victim to a cyber-attack, which it labeled "highly sophisticated," exposing email addresses and travel details of around 9 million of its customers. In an official statement released today, EasyJet confirmed that of the 9...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2019-1203)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.1AI score0.03623EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2019-1272)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.1AI score0.03623EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.44 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : gnutls Multiple Vulnerabilities (NS-SA-2019-0068)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gnutls packages installed that are affected by multiple vulnerabilities: - It was found that GnuTLS's implementation of HMAC- SHA-256 was vulnerable to Lucky Thirteen-style attack. A remote attacker could use this flaw to...

5.9CVSS6.3AI score0.03623EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/04/04 12:0 a.m.28 views

EulerOS Virtualization 2.5.3 : gnutls (EulerOS-SA-2019-1272)

According to the version of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - It was found that GnuTLS's implementation of HMAC-SHA-384 was vulnerable to a Lucky Thirteen-style attack. A remote attacker could u...

5.9CVSS6.4AI score0.03623EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/04/02 12:0 a.m.30 views

EulerOS 2.0 SP2 : gnutls (EulerOS-SA-2019-1112)

According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that GnuTLS's implementation of HMAC-SHA-384 was vulnerable to a Lucky Thirteen-style attack. A remote attacker could use this flaw to...

5.9CVSS6.5AI score0.03623EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/12/10 12:0 a.m.36 views

Amazon Linux 2 : gnutls (ALAS-2018-1120)

It was found that GnuTLS's implementation of HMAC-SHA-256 was vulnerable to Lucky Thirteen-style attack. A remote attacker could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.CVE-2018-10844 It was foun...

5.9CVSS6.3AI score0.03623EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2018/09/24 12:0 a.m.27 views

[ASA-201809-4] strongswan: authentication bypass

Arch Linux Security Advisory ASA-201809-4 ========================================= Severity: High Date : 2018-09-24 CVE-ID : CVE-2018-16151 CVE-2018-16152 Package : strongswan Type : authentication bypass Remote : Yes Link : https://security.archlinux.org/AVG-769 Summary ======= The package...

7.5CVSS1.8AI score0.01888EPSS
Exploits0References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Claroline 1.8.9 wiki/wiki.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2013/07/02 1:52 p.m.13 views

njRAT Attacks Spike Against Middle East High-Value Targets

Government agencies, telecom and energy organizations in the Middle East are being targeted by espionage malware known as njRAT. The remote access Trojan is thorough in its data-stealing capabilities. Beyond dropping a keylogger, variants are capable of accessing a computer’s camera, stealing...

0.9AI score
Exploits0
ThreatPost
ThreatPost
added 2013/06/27 12:32 p.m.11 views

Stolen Opera Code-Signing Certificate Used to Sign Malware

Opera Software said it was able to contain the impact of a security breach that resulted in the theft of an expired code-signing certificate used to sign malware distributed to Windows users during a 36-minute stretch on June 19. Opera developer Sigbjorn Vik said the browser maker was victimized ...

2AI score
Exploits0References4
The Hacker News
The Hacker News
added 2013/04/23 6:23 a.m.8 views

Chinese Hackers targeting American Drones under Operation Beebus

FireEye experts have been tracking the Operation Beebus campaign for a few months now, and new same gang of hackers are being blamed for a set of recently discovered spear-phishing attacks that aim to steal information related to American drones. These attacks exploited previously discovered...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2013/04/22 7:23 p.m.20 views

Chinese Hackers targeting American Drones under Operation Beebus

FireEye experts have been tracking the Operation Beebus campaign for a few months now, and new same gang of hackers are being blamed for a set of recently discovered spear-phishing attacks that aim to steal information related to American drones. These attacks exploited previously discovered...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2013/04/18 4:36 p.m.9 views

Comment Crew's Operation Beebus Stealing Drone Tech

FireEye experts have been tracking the Operation Beebus campaign for a few months now, and their latest research suggests that whomever is responsible for the attacks is ultimately interested in stealing drone technology-related secrets. Operation Beebus is an APT-style attack campaign targeting...

0.4AI score
Exploits0References4
Prion
Prion
added 2009/06/08 7:30 p.m.19 views

Command injection

The ListView control in the Client GUI AClient.exe in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to 1 overwrite the CommandLine...

6.8CVSS7.9AI score0.01084EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2008/03/24 10:0 p.m.26 views

CVE-2008-1473

The Altiris Client Service AClient.exe in Symantec Altiris Deployment Solution 6.8.x before 6.9.164 allows local users to gain privileges via a "Shatter" style attack...

6.5AI score0.00391EPSS
Exploits0References6
Prion
Prion
added 2008/02/12 2:0 a.m.15 views

Code injection

The agent in Symantec Altiris Notification Server before 6.0 SP3 R7 allows local users to gain privileges via a "Shatter" style attack...

6.8CVSS7AI score0.00295EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2006/09/07 12:4 a.m.16 views

CVE-2006-4619

The start update window in update.exe in Avira AntiVir PersonalEdition Classic 7.0 build 151 allows local users to gain system privileges via a "Shatter" style attack on the 1 IParam parameter, and the 2 PBMGETRANGE and 3 PBMSETRANGE messages in an unspecified progress bar. NOTE: some details are...

4.6CVSS6.6AI score0.00324EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/09/07 12:0 a.m.21 views

CVE-2006-4619

The start update window in update.exe in Avira AntiVir PersonalEdition Classic 7.0 build 151 allows local users to gain system privileges via a "Shatter" style attack on the 1 IParam parameter, and the 2 PBMGETRANGE and 3 PBMSETRANGE messages in an unspecified progress bar. NOTE: some details are...

6.6AI score0.00324EPSS
Exploits0References5
OSV
OSV
added 2006/02/02 8:6 p.m.1 views

DEBIAN-CVE-2006-0294

Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to operate on freed memory...

7.5CVSS7.7AI score0.04815EPSS
Exploits0References1
Rows per page
Query Builder