10 matches found
EUVD-2018-20791
Malware in sbrugna...
Code injection
A plaintext recovery of encrypted messages or a Man-in-the-middle MiTM attack on RSA PKCS 1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used...
CVE-2018-9194
A plaintext recovery of encrypted messages or a Man-in-the-middle MiTM attack on RSA PKCS 1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used...
CVE-2018-9194
A plaintext recovery of encrypted messages or a Man-in-the-middle MiTM attack on RSA PKCS 1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used...
CVE-2018-9194
A plaintext recovery of encrypted messages or a Man-in-the-middle MiTM attack on RSA PKCS 1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used...
CVE-2018-9194
CVE-2018-9194 relates to a plaintext recovery/MiTM vulnerability in RSA PKCS#1 v1.5 encryption exposed under Fortinet FortiOS VIP SSL when CPx is used, affecting FortiOS 5.4.6–5.4.9 and 6.0.0–6.0.1. The issue arises without knowledge of the server’s private key. Connected sources identify the vul...
CVE-2018-9194
A plaintext recovery of encrypted messages or a Man-in-the-middle MiTM attack on RSA PKCS 1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used...
j-infosys.de XSS vulnerability
Vulnerable URL: http://www.j-infosys.de/kontaktform.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 07.08.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 16733368 VIP website status:| No Check j-infosys.de SSL connection:| Grade: F...
xerox.com XSS vulnerability
Vulnerable URL: https://www.xerox.com/annualreport/2005/flashdetection.swf?flashContentURL=javascript:alert%27OPENBUGBOUNTY%27 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 12146 VIP website status:| Yes Check...
aceselectronics.co.uk XSS vulnerability
Vulnerable URL: http://www.aceselectronics.co.uk/templates/meibai/meibai95.php/"--!" Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check aceselectronics.co.uk SS...