Lucene search
K

55 matches found

NVD
NVD
added 2019/07/23 2:15 p.m.29 views

CVE-2019-1010208

IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 Veracrypt, all versions Truecrypt is affected by: Buffer Overflow. The impact is: Minor information disclosure of kernel stack. The component is: Veracrypt NT Driver veracrypt.sys. The attack vector is: Locally executed code, IOCTL...

3.3CVSS3.6AI score0.00461EPSS
Exploits0References1
OSV
OSV
added 2019/07/23 2:15 p.m.29 views

CVE-2019-1010208

IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 Veracrypt, all versions Truecrypt is affected by: Buffer Overflow. The impact is: Minor information disclosure of kernel stack. The component is: Veracrypt NT Driver veracrypt.sys. The attack vector is: Locally executed code, IOCTL...

3.3CVSS6.3AI score
Exploits0References1
Prion
Prion
added 2019/07/23 2:15 p.m.64 views

Buffer overflow

IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 Veracrypt, all versions Truecrypt is affected by: Buffer Overflow. The impact is: Minor information disclosure of kernel stack. The component is: Veracrypt NT Driver veracrypt.sys. The attack vector is: Locally executed code, IOCTL...

2.1CVSS3.7AI score0.00461EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/07/23 1:12 p.m.1980 views

CVE-2019-1010208

CVE-2019-1010208 affects Veracrypt/NT Driver (veracrypt.sys) and prior Truecrypt/IDRIX implementations. Root cause: Buffer Overflow in the Veracrypt NT Driver leading to information disclosure on the kernel stack. Impact stated as partial kernel stack information disclosure; attack vector is loca...

3.3CVSS3.7AI score0.00461EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2019/07/23 1:12 p.m.37 views

CVE-2019-1010208

IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 Veracrypt, all versions Truecrypt is affected by: Buffer Overflow. The impact is: Minor information disclosure of kernel stack. The component is: Veracrypt NT Driver veracrypt.sys. The attack vector is: Locally executed code, IOCTL...

3.5AI score0.00461EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2018/06/18 2:50 p.m.3 views

Apple macOS Bug Reveals Cache of Sensitive Data from Encrypted Drives

Security researchers are warning of almost a decade old issue with one of the Apple's macOS feature which was designed for users' convenience but is potentially exposing the contents of files stored on password-protected encrypted drives. Earlier this month, security researcher Wojciech Regula fr...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2018/06/18 2:50 p.m.63 views

Apple macOS Bug Reveals Cache of Sensitive Data from Encrypted Drives

Security researchers are warning of almost a decade old issue with one of the Apple's macOS feature which was designed for users' convenience but is potentially exposing the contents of files stored on password-protected encrypted drives. Earlier this month, security researcher Wojciech Regula fr...

0.2AI score
Exploits0
Kitploit
Kitploit
added 2017/12/10 9:9 p.m.46 views

CryKeX - Linux Memory Cryptographic Keys Extractor

CryKeX - Linux Memory Cryptographic Keys Extractor Properties: Cross-platform Minimalism Simplicity Interactivity Compatibility/Portability Application Independable Process Wrapping Process Injection Dependencies: Unix - should work on any Unix-based OS BASH - the whole script root privileges...

7.2AI score
Exploits0References2
n0where
n0where
added 2017/11/28 5:0 a.m.35 views

Linux Memory Cryptographic Keys Extractor: CryKeX

Some work has been already published regarding the subject of cryptograhic keys security within DRAM. Basically, we need to find something that looks like a key entropic and specific length and then confirm its nature by analyzing the memory structure around it C data types. The idea is to dump...

0.6AI score
Exploits0References2
Kitploit
Kitploit
added 2017/11/08 9:37 p.m.34 views

Parrot Security 3.9 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind

Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind. It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own softwares or protect your privacy with anonymity and crypto tools...

7.3AI score
Exploits0
NVD
NVD
added 2017/10/03 1:29 a.m.17 views

CVE-2015-7359

The 1 IsVolumeAccessibleByCurrentUser and 2 MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, do not check the impersonation level of impersonation tokens, which allows local users to impersonate a user at SecurityIdentify level an...

7.8CVSS7.7AI score0.00578EPSS
Exploits0References5
Prion
Prion
added 2017/10/03 1:29 a.m.36 views

Code injection

The 1 IsVolumeAccessibleByCurrentUser and 2 MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, do not check the impersonation level of impersonation tokens, which allows local users to impersonate a user at SecurityIdentify level an...

4.6CVSS7.1AI score0.00578EPSS
Exploits0References5Affected Software3
NVD
NVD
added 2017/10/03 1:29 a.m.25 views

CVE-2015-7358

The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which allows local users to mount an encrypted volume over an existing drive letter and gain privileges...

7.8CVSS7.7AI score0.01195EPSS
Exploits1References6
Cvelist
Cvelist
added 2017/10/02 7:0 p.m.22 views

CVE-2015-7358

The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which allows local users to mount an encrypted volume over an existing drive letter and gain privileges...

7.7AI score0.01195EPSS
Exploits1References6
Cvelist
Cvelist
added 2017/10/02 7:0 p.m.18 views

CVE-2015-7359

The 1 IsVolumeAccessibleByCurrentUser and 2 MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, do not check the impersonation level of impersonation tokens, which allows local users to impersonate a user at SecurityIdentify level an...

7.7AI score0.00578EPSS
Exploits0References5
CVE
CVE
added 2017/10/02 7:0 p.m.45 views

CVE-2015-7359

CVE-2015-7359 concerns the Windows kernel driver in TrueCrypt 7.0, VeraCrypt (before 1.15), and CipherShed. The flaw: IsVolumeAccessibleByCurrentUser and MountDevice do not validate the impersonation level of tokens, allowing local users to impersonate a user at SecurityIdentify level and access ...

7.8CVSS7.6AI score0.00578EPSS
Exploits0References5Affected Software3
CVE
CVE
added 2017/10/02 7:0 p.m.90 views

CVE-2015-7358

CVE-2015-7358 affects TrueCrypt 7.0, VeraCrypt (before 1.15), and CipherShed; the IsDriveLetterAvailable check in the Windows driver (Driver/Ntdriver.c) fails to validate drive-letter symbolic links, enabling a local attacker to remap a system drive and gain full privileges via the GLOBAL?? entry...

7.8CVSS7.6AI score0.01195EPSS
Exploits1References6Affected Software3
NVD
NVD
added 2017/01/23 9:59 p.m.18 views

CVE-2016-1281

Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt before 1.17-BETA, and possibly other products allows local users to execute arbitrary code with administrator privileges and conduct DLL hijacking attacks via a Trojan horse DLL in the "application...

7.8CVSS7.8AI score0.00798EPSS
Exploits1References2
Prion
Prion
added 2017/01/23 9:59 p.m.89 views

Design/Logic Flaw

Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt before 1.17-BETA, and possibly other products allows local users to execute arbitrary code with administrator privileges and conduct DLL hijacking attacks via a Trojan horse DLL in the "application...

4.4CVSS7.8AI score0.00798EPSS
Exploits1References2Affected Software2
OSV
OSV
added 2017/01/23 9:59 p.m.20 views

CVE-2016-1281

Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt before 1.17-BETA, and possibly other products allows local users to execute arbitrary code with administrator privileges and conduct DLL hijacking attacks via a Trojan horse DLL in the "application...

7.8CVSS7.6AI score
Exploits0References2
Rows per page
Query Builder