www.kb.cert.org
Microsoft Windows 10 gives unprivileged user access to system32\config files Vulnerability Note VU#506989 Original Release Date: 2021-07-20 | Last Revised: 2021-07-29 Overview Multiple versions of Windows 10 grant non-administrative users read access to files in the %windir%\system32\config directory. This can allow for local privilege escalation (LPE). Description With multiple versions of Window
Vulnerability Note VU#257161 Original Release Date: 2020-06-16 | Last Revised: 2022-09-20 Overview Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities. This set of vulnerabilities was researched and reported by JSOF, who calls them Ripple20. Description Treck IP network stack software is designed for and used in a variety of embedded systems. The software c
Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC interface Vulnerability Note VU#906424 Original Release Date: 2018-08-28 | Last Revised: 2018-09-13 Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges. The M
Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities Vulnerability Note VU#332928 Original Release Date: 2018-08-21 | Last Revised: 2019-03-13 Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary commands on a vulnerable system. Ghostscript contains an optional -dSAFER option, which is supposed
Vulnerability Note VU#962459 Original Release Date: 2018-08-06 | Last Revised: 2018-09-14 The Linux kernel versions 4.9+ and supported versions of FreeBSD are vulnerable to denial of service conditions with low rates of specially modified packets. CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') - CVE-2018-5390 Linux kernel versions 4.9+ can be forced to make very expensive calls
Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal Vulnerability Note VU#475445 Original Release Date: 2018-02-27 | Last Revised: 2018-06-05 Multiple SAML libraries may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating th
Vulnerability Note VU#584653 Original Release Date: 2018-01-04 | Last Revised: 2022-01-07 Overview CPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as Meltdown and Spectre. Description CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre. Both Spectre and Meltdown take advantage of th
Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse Vulnerability Note VU#228519 Original Release Date: 2017-10-16 | Last Revised: 2017-11-16 Wi-Fi Protected Access (WPA, more commonly WPA2) handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point (AP) or client. An att
Microsoft Windows SMB Tree Connect Response denial of service vulnerability Vulnerability Note VU#867968 Original Release Date: 2017-02-02 | Last Revised: 2017-03-17 Microsoft Windows contains a memory corruption bug in the handling of SMB traffic, which may allow a remote, unauthenticated attacker to cause a denial of service on a vulnerable system. Microsoft Windows fails to properly handle traf
NTP.org ntpd versions ntp-4.2.7p385 up to but not including ntp-4.2.8p9 and ntp-4.3.0 up to but not including ntp-4.3.94 contain multiple denial of service vulnerabilities. NTP.org's ntpd, versions ntp-4.2.7p385 up to but not including ntp-4.2.8p9 and ntp-4.3.0 up to but not including ntp-4.3.94, contain multiple denial of service vulnerabilities. CWE-476: NULL Pointer Dereference - CVE-2016-9311
Linux kernel memory subsystem copy on write mechanism contains a race condition vulnerability Vulnerability Note VU#243144 Original Release Date: 2016-10-21 | Last Revised: 2016-11-17 The Linux kernel since version 2.6.22 contains a race condition in the way the copy on write mechanism is handled by the memory subsystem, which may be leveraged locally to gain root privileges. CWE-362: Concurrent E
CGI web servers assign Proxy header values from client requests to internal HTTP_PROXY environment variables Vulnerability Note VU#797896 Original Release Date: 2016-07-18 | Last Revised: 2016-07-19 Web servers running in a CGI or CGI-like context may assign client request Proxy header values to internal HTTP_PROXY environment variables. This vulnerability can be leveraged to conduct man-in-the-mi
Vulnerability Note VU#319816 Original Release Date: 2016-03-26 | Last Revised: 2016-03-26 npm allows packages to take actions that could allow a malicious npm package author to create a worm that spreads across the majority of the npm ecosystem. npm is the default package manager for Node.js, which is a runtime environment for developing server-side web applications. There are several factors
Network traffic encrypted using RSA-based SSL certificates over SSLv2 may be decrypted by the DROWN attack Vulnerability Note VU#583776 Original Release Date: 2016-03-01 | Last Revised: 2016-03-14 Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. This is known as the "DROWN" attack in the media. According to the researche
Vendor Information for VU#591120 Multiple SSL certificate authorities use predefined email addresses as proof of domain ownership. Vendor / Status / Date Notified / Date Updated: Actalis / Affected / - / 26 Mar 2015; CERTUM / Affected / - / 26 Mar 2015; COMODO Security Solutions, Inc. / Affected / - / 26 Mar 2015; ComSign / Affected / - / 26 Mar 2015; e-tugra / Affected / - / 26 Mar 2015; GeoTrust / Affected / - / 27 Mar 2015; GlobalSign / Affected / - / 26 Mar 2015; GoDaddy / Affected / - / 2
Microsoft Windows NTLM automatically authenticates via SMB when following a file:// URL Vulnerability Note VU#672268 Original Release Date: 2015-04-13 | Last Revised: 2017-09-05 Software running on Microsoft Windows that utilizes HTTP requests can be forwarded to a file:// protocol on a malicious server, which causes Windows to automatically attempt authentication via SMB to the malicious server i
Multiple SSL certificate authorities use predefined email addresses as proof of domain ownership Vulnerability Note VU#591120 Original Release Date: 2015-03-27 | Last Revised: 2015-04-07 Multiple SSL certificate authorities may issue certificates to a customer based solely on the control of certain email addresses. This may allow an attacker to obtain a valid SSL certificate to perform HTTPS spoof
Komodia Redirector with SSL Digestor installs non-unique root CA certificates and private keys, making systems broadly vulnerable to HTTPS spoofing Komodia Redirector SDK is a self-described "interception engine" designed to enable developers to integrate proxy services and web traffic modification (such as ad injection) into their applications. With the SSL Digestor module, HTTPS traffic can also
A regular expressions C library originally written by Henry Spencer is vulnerable to a heap overflow in some circumstances. CWE-122: Heap-based Buffer Overflow From the researcher, the variable len that holds the length of a regular expression string is "enlarged to such an extent that, in the process of enlarging (multiplication and addition), causes the 32 bit register/variable to overflow." It
NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated) Vulnerability Note VU#852879 Original Release Date: 2014-12-19 | Last Revised: 2015-10-27 The NTP Project ntpd version 4.2.7 and previous versions contain several vulnerabilities. ntp-keygen prior to version 4.2.7p230 also uses a non-cryptographic random number generator when generating symmetric keys. Thes
Vulnerability Note VU#978508 Original Release Date: 2014-06-05 | Last Revised: 2015-10-27 The OpenSSL security advisory states: SSL/TLS MITM vulnerability (CVE-2014-0224) =========================================== An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) att
NTP can be abused to amplify denial-of-service attack traffic Vulnerability Note VU#348126 Original Release Date: 2014-01-10 | Last Revised: 2014-08-26 UDP protocols such as NTP can be abused to amplify denial-of-service attack traffic. Servers running the network time protocol (NTP) based on implementations of ntpd prior to version 4.2.7p26 that use the default unrestricted query configuration ar
Portable SDK for UPnP Devices (libupnp) contains multiple buffer overflows in SSDP Vulnerability Note VU#922681 Original Release Date: 2013-01-29 | Last Revised: 2014-07-30 The Portable SDK for UPnP Devices libupnp library contains multiple buffer overflow vulnerabilities. Devices that use libupnp may also accept UPnP queries over the WAN interface, therefore exposing the vulnerabilities to the in
Vulnerability Note VU#625617 Original Release Date: 2013-01-10 | Last Revised: 2013-06-12 Java 7 Update 10 and earlier versions of Java 7 contain a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The Oracle Java Runtime Environment (JRE) 1.7 allows users to run Java applications in a browser or as standalone programs. Oracle has mad
The Ruby on Rails Action Pack framework is susceptible to authentication bypass, SQL injection, arbitrary code execution, or denial of service. The Ruby on Rails advisory states: "Multiple vulnerabilities in parameter parsing in Action Pack There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, in
Vulnerability Note VU#323161 Original Release Date: 2012-12-17 | Last Revised: 2014-05-15 Adobe Shockwave Player 12.1.1.151 and earlier versions on the Windows and Macintosh operating systems provide a vulnerable version of the Flash runtime. Adobe Macromedia Shockwave Player is software that plays active web content developed in Macromedia and Adobe Director. Shockwave Player is available as an A
Samsung printers (as well as some Dell printers manufactured by Samsung) contain a hardcoded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility. A remote, unauthenticated attacker could access an affected device with administrative read/write privileges. Secondary impacts include: the ability to make changes to the device configur
Sophos Antivirus contains multiple vulnerabilities including memory corruption issues and design flaws. Sophos Antivirus contains multiple vulnerabilities including memory corruption issues and design flaws. Tavis Ormandy's security report lists the following vulnerabilities. These vulnerabilities are new and separate from Tavis' 2011 report entitled "Sophail: A Critical Analysis of Sophos Antivir
DomainKeys Identified Mail (DKIM) Verifiers may inappropriately convey message trust Vulnerability Note VU#268267 Original Release Date: 2012-10-24 | Last Revised: 2016-03-16 DomainKeys Identified Mail (DKIM) Verifiers may inappropriately convey message trust when messages are signed using keys that are too weak (< 1024 bits) or that are marked as test keys. RFC 6376 states "DomainKeys Identified