Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
truecrypt vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1738
TrueCrypt 4.3, when installed setuid root, allows local users to cause a denial of service (filesystem unavailability) or gain privileges by mounting a crafted TrueCrypt volume, as demonstrated using (1) /usr/bin or (2) another user's home directory, a different issue than C...
Truecrypt Foundation Truecrypt 3.0
Truecrypt Foundation Truecrypt 4.0
Truecrypt Foundation Truecrypt 4.1
Truecrypt Foundation Truecrypt 4.2
Truecrypt Foundation Truecrypt 4.3
1 EDB exploit
NA
CVE-2007-1589
TrueCrypt prior to 4.3, when set-euid mode is used on Linux, allows local users to cause a denial of service (filesystem unavailability) by dismounting a volume mounted by a different user.
Truecrypt Foundation Truecrypt 4.2
Truecrypt Foundation Truecrypt 4.2a
Truecrypt Foundation Truecrypt 4.0
Truecrypt Foundation Truecrypt 4.1
NA
CVE-2006-2183
Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local users to execute arbitrary commands and gain privileges via a modified PATH environment variable that references a malicious mount command.
Truecrypt Foundation Truecrypt 4.1
3.3
CVSSv3
CVE-2014-2884
The ProcessVolumeDeviceControlIrp function in Ntdriver.c in TrueCrypt 7.1a allows local users to bypass access restrictions and obtain sensitive information about arbitrary files via a (1) TC_IOCTL_OPEN_TEST or (2) TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG IOCTL call.
Truecrypt Project Truecrypt 7.1
7.1
CVSSv3
CVE-2014-2885
Multiple integer overflows in TrueCrypt 7.1a allow local users to (1) obtain sensitive information via vectors involving a crafted item->OriginalLength value in the MainThreadProc function in EncryptedIoQueue.c or (2) cause a denial of service (memory consumption) via vectors ...
Truecrypt Project Truecrypt 7.1
NA
CVE-2008-3899
TrueCrypt 5.0 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer. NOTE: the researc...
Truecrypt Foundation Truecrypt 5.0
7.8
CVSSv3
CVE-2015-7358
The IsDriveLetterAvailable method in Driver/Ntdriver.c in TrueCrypt 7.0, VeraCrypt prior to 1.15, and CipherShed, when running on Windows, does not properly validate drive letter symbolic links, which allows local users to mount an encrypted volume over an existing drive letter a...
Ciphershed Ciphershed
Truecrypt Truecrypt 7.0
Idrix Veracrypt
1 EDB exploit
1 Article
7.8
CVSSv3
CVE-2015-7359
The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt prior to 1.15, and CipherShed, when running on Windows, do not check the impersonation level of impersonation tokens, which allows local users to impersonate a user at Se...
Truecrypt Truecrypt 7.0
Ciphershed Ciphershed
Idrix Veracrypt
1 Article
7.8
CVSSv3
CVE-2016-1281
Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt prior to 1.17-BETA, and possibly other products allows local users to execute arbitrary code with administrator privileges and conduct DLL hijacking attacks via a Trojan horse DLL in the &q...
Idrix Truecrypt 7.1
Idrix Veracrypt
Idrix Truecrypt 7.2
3.3
CVSSv3
CVE-2019-1010208
IDRIX, Truecrypt Veracrypt, Truecrypt before 1.23-Hotfix-1 (Veracrypt), all versions (Truecrypt) is affected by: Buffer Overflow. The impact is: Minor information disclosure of kernel stack. The component is: Veracrypt NT Driver (veracrypt.sys). The attack vector is: Locally exec...
Idrix Truecrypt
Idrix Veracrypt
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »