Collaborate Disseminate
CPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as Meltdown and Spectre. Continue reading VU#584653: CPU hardware vulnerable to side-channel attacks
TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding,and may therefore be vulnerable to Bleichenbacher-style attacks. This attack is known as a"ROBOT attack". Continue reading VU#144389: TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding
Apple MacOS High Sierra fails to properly require authentication for disabled accounts,such as root account,which can allow an authenticated user to obtain root privileges. Continue reading VU#113765: Apple MacOS High Sierra disabled account authentication bypass
Install Norton Security for Mac,prior to version 7.6,does not validate SSL certificates. Continue reading VU#681983: Install Norton Security for Mac does not verify SSL certificates
Install Norton Security for Mac,prior to version 7.6,does not validate SSL certificates. Continue reading VU#681983: Install Norton Security for Mac does not verify SSL certificates
Microsoft Windows 8 introduced a change in how system-wide mandatory ASLR is implemented. This change requires system-wide bottom-up ASLR to be enabled for mandatory ASLR to receive entropy. Tools that enable system-wide ASLR without also setting bottom-up ASLR will fail to properly randomize executables that do not opt in to ASLR. Continue reading VU#817544: Windows 8 and later fail to properly randomize all applications if system-wide mandatory ASLR is enabled via EMET or Windows Defender Exploit Guard
Microsoft Windows 8 introduced a change in how system-wide mandatory ASLR is implemented. This change requires system-wide bottom-up ASLR to be enabled for mandatory ASLR to receive entropy. Tools that enable system-wide ASLR without also setting bottom-up ASLR will fail to properly randomize executables that do not opt in to ASLR. Continue reading VU#817544: Windows 8 and later fail to properly randomize every application if system-wide mandatory ASLR is enabled via EMET or Windows Defender Exploit Guard
Microsoft Equation Editor contains a stack buffer overflow,which can allow a remote,unauthenticated attacker to execute arbitrary code on a vulnerable system. Continue reading VU#421280: Microsoft Office Equation Editor stack buffer overflow
Microsoft Equation Editor contains a stack buffer overflow,which can allow a remote,unauthenticated attacker to execute arbitrary code on a vulnerable system. Continue reading VU#421280: Microsoft Office Equation Editor stack buffer overflow
The P1735 IEEE standard describes methods for encrypting electronic-design intellectual property(IP),as well as the management of access rights for such IP. The methods are flawed and,in the most egregious cases,enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key,among other impacts. Continue reading VU#739007: IEEE P1735 implementations may have weak cryptographic protections