EVE Has Partially Predetermined Vault Key

Impact The deriveVaultKey function calls retrieveCloudKey which always returns "foobarfoobarfoobarfoobarfoobarfo". When merged with the randomly generated 32-byte key using mergeKeys 16 bytes from each, the last 16 bytes are always "arfoobarfoobarfo". This enables an attacker with physical access...

EUVD-2020-6645

Malware in sbrugna...

EUVD-2008-0630

Malware in sbrugna...

EUVD-2007-3904

Malware in sbrugna...

EUVD-2019-4195

Malware in sbrugna...

EUVD-2023-34351

Malicious code in bioql PyPI...

EUVD-2023-48037

Malicious code in bioql PyPI...

EUVD-2025-21410

Malicious code in bioql PyPI...

EUVD-2021-28867

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-4025

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Denial of Service DoS condition has been discovered in GitLab CE/EE affecting all versions from 7.10 prior before 16.11.5, version 17.0 before 17.0.3, and 17....

Dell PowerProtect Data Domain 安全漏洞

Dell PowerProtect Data Domain Dell PowerProtect DD is a suite of hardware appliances for data protection, backup, storage, and deduplication from Dell USA. A security vulnerability exists in Dell PowerProtect Data Domain that stems from an authentication bypass that could lead to a protection...

CVE-2025-6265

CVE-2025-6265 affects Zyxel NWA50AX PRO firmware versions 7.10(ACGE.2) and earlier. A path traversal vulnerability exists in the file_upload-cgi CGI program that could allow an authenticated administrator to access certain directories and delete files (e.g., the configuration file) on the device....

CVE-2022-31266

In ILIAS through 7.10, lack of verification when changing an email address on the Profile Page allows remote attackers to take over accounts...

CVE-2019-14752

SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS...

Canonical Ubuntu Linux SEoL (7.10.x)

According to its version, Canonical Ubuntu Linux is 7.10.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL...

BIT-SUITECRM-2020-8784

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection issue 2 of 4...

BIT-SUITECRM-2020-8786

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection issue 4 of 4...

BIT-SUITECRM-2020-8787

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted...

BIT-SUITECRM-2021-41869

SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation...

PT-2023-28893

Name of the Vulnerable Software and Affected Versions SoftwareX versions prior to 7.10 Description The issue arises from the implementation of deriveVaultKey, which generates a vault key with the last 16 bytes predetermined to be "arfoobarfoobarfo". This occurs because deriveVaultKey calls...