strongSwan VPN's charon server prior to version 5.6.3 does not check packet length and may allow buffer underflow,resulting in denial …

CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Also known as"Variant …

Mail clients may leak plaintext messages while decrypting OpenPGP and S/MIME …

In some circumstances,some operating systems or hypervisors may not expect or properly handle an Intel architecture hardware debug …

Some platforms with integrated GPUs,such as smartphones,may allow both side-channel and rowhammer attacks via WebGL,which may allow a …

When a Rich Text(RTF)email is previewed in Microsoft Outlook,remotely-hosted OLE content is retrieved without requiring any additional user …

TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding,and may therefore be …

Apple MacOS High Sierra fails to properly require authentication for disabled accounts,such as root account,which can allow an …

Install Norton Security for Mac,prior to version 7.6,does not validate SSL …

Microsoft Windows 8 introduced a change in how system-wide mandatory ASLR is implemented. This change requires system-wide bottom-up ASLR …

Microsoft Equation Editor contains a stack buffer overflow,which can allow a remote,unauthenticated attacker to execute arbitrary code on a …

The P1735 IEEE standard describes methods for encrypting electronic-design intellectual property(IP),as well as the management of access …

Savitech provides USB audio drivers for a number of specialized audio products. Some versions of the Savitech driver package silently …

The Infineon RSA library version 1.02.013 does not properly generate RSA key pairs,which may allow an attacker to recover the RSA private …

When the Microsoft patch for meltdown is installed on a Windows 7 x64 or Windows Server 2008 R2 x64 system,an unprivileged process may be …

Navarino Infinity web interface up to version 2.2 is affected by multiple …

Bouncy Castle BKS version 1 keystore files use an HMAC that is only 16 bits long,which can allow an attacker to crack a BKS-V1 keystore …

Multiple SAML libraries may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker …

The Quagga BGP daemon bgpd prior to version 1.2.3 may be vulnerable to multiple issues that may result in denial of service,information …

The Pulse Secure Linux client GUI fails to validate SSL certificates,which can allow an attacker to modify connection …

CPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as Meltdown and …

The Quagga BGP daemon bpgd prior to version 1.2.3 may be vulnerable to multiple issues that may result in denial of service,information …

The Quagga BGP daemon bpgd prior to version 1.2.3 may be vulnerable to multiple issues that may result in denial of service,information …

The Pulse Secure Linux client GUI fails to validate SSL certificates,which can allow an attacker to modify connection …

CPU hardware implementations are vulnerable to side-channel attacks. These vulnerabilities are referred to as Meltdown and …

TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding,and may therefore …

Apple MacOS High Sierra fails to properly require authentication for the root account,which can allow an authenticated user to obtain root …

Apple MacOS High Sierra fails to properly require authentication for the root account,which can allow an authenticated user to obtain root …

Install Norton Security for Mac,prior to version 7.6,does not validate SSL …