55 matches found
Hardcoded credentials
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or...
Siemens SINEMA Server
1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEMA Server Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain encoded...
Time window must be chosen carefully
Handle tensors Vulnerability details Impact The variable timeWindow in the formula of valuation/README.md must be chosen carefully. In fact, it should probably vary with the amount of user volume the protocol has on each asset. Consider what happens when timeWindow is very small 5min. A price...
CVE-2021-1074
NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with local unprivileged system access may be able to replace an application resource with malicious files. This attack requires a user with system administration rights to execute the installer and requires...
Qualcomm 封闭源组件安全漏洞
A security vulnerability exists in the Qualcomm closed source component that stems from a check time or use time window when processing a store SCM command, where a pointer used may be invalid at a specific time when executing a store SCM call...
openstack-keystone: failure to check signature TTL of the EC2 credential auth method
A flaw was found in Keystone, where the restriction was not checked for the Signature Version 4 V4 process of AWS signatures issued within a limited time window. This flaw allows an attacker to capture an auth header and reuse it, potentially maintaining indefinite access...
CVE-2020-15530
An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILESX86%\Steam and/or %COMMONPROGRAMFILESX86%\Steam have weak permissions during a critical time window. An attacker can make this time...
openstack-keystone: failure to check signature TTL of the EC2 credential auth method
A flaw was found in Keystone, where the restriction was not checked for the Signature Version 4 V4 process of AWS signatures issued within a limited time window. This flaw allows an attacker to capture an auth header and reuse it, potentially maintaining indefinite access...
GHSA-54MG-VGRP-MWX9 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Ratpack
Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in the JDK's ThreadLocalRandom. This means that if an attacker can determine a small window for the server start time and obtain a session ID value, they can theoretically determine the sequence of session IDs...
Linux kernel denial of service vulnerability (CNVD-2018-06440)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in the Linux kernel prior to 4.14.4. The vulnerability arises because the...
CVE-2017-11717
MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier for remote attackers to bypass intended challenge requirements by modifying the client-server data stream, as demonstrated by the login/findpass page...
USN-2710-1 openssh vulnerabilities
Moritz Jodeit discovered that OpenSSH incorrectly handled usernames when using PAM authentication. If an additional vulnerability were discovered in the OpenSSH unprivileged child process, this issue could allow a remote attacker to perform user impersonation. CVE number pending Moritz Jodeit...
UBUNTU-CVE-2015-5352
The x11openhelper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time...
CVE-2014-2033
The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification ...
Design/Logic Flaw
A certain Red Hat patch to the KVM subsystem in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux RHEL 6 does not properly implement the PV EOI feature, which allows guest OS users to cause a denial of service host OS crash by leveraging a time window during which interrup...