38 matches found
[SECURITY] Fedora 44 Update: openbao-2.5.4-1.fc44
Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...
[SECURITY] Fedora 44 Update: openbao-2.5.3-1.fc44
Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...
[SECURITY] Fedora 42 Update: openbao-2.5.3-1.fc42
Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...
QuickDrop 跨站脚本漏洞
QuickDrop is a self-hosted anonymous file sharing application developed by Rostislav. It supports multipart uploads and encrypted storage. Versions of QuickDrop prior to 1.5.3 had a cross-site scripting vulnerability. This vulnerability stemmed from a storage-related cross-site scripting flaw in...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the certificate issuance/auto-certification flows in api/certificate/issue.go and api/sites/autocert.go, and JSON field encryption migration in the internal/migrate. An attacker c...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the certificate issuance/auto-certification flows in api/certificate/issue.go and api/sites/autocert.go, and JSON field encryption migration in the internal/migrate. An attacker c...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the certificate issuance/auto-certification flows in api/certificate/issue.go and api/sites/autocert.go, and JSON field encryption migration in the internal/migrate. An attacker c...
CVE-2026-26104
A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...
[SECURITY] Fedora 42 Update: openbao-2.4.3-1.fc42
Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...
EUVD-2025-36551
Contrast has insecure LUKS2 persistent storage partitions may be opened and used...
CVE-2025-58356
Constellation is the first Confidential Kubernetes. The Constellation CVM image uses LUKS2-encrypted volumes for persistent storage. When opening an encrypted storage device, the CVM uses the libcryptsetup function cryptactivatebypasshrase. If the VM is successful in opening the partition with th...
EUVD-2006-0370
Malware in sbrugna...
EUVD-2016-6681
Malware in sbrugna...
EUVD-2022-48980
Malicious code in bioql PyPI...
EUVD-2022-37309
Malicious code in bioql PyPI...
CVE-2022-34354
IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. IBM X-Force ID: 230424...
Sensitive Data Disclosure Vulnerability in Connection Configuration Endpoints
The Fides webserver has a number of endpoints that retrieve ConnectionConfiguration records and their associated secrets which can contain sensitive data e.g. passwords, private keys, etc.. These secrets are stored encrypted at rest in the application database, and the associated endpoints are no...
Velociraptor 0.7.1 Release
Written by Dr. Michael Cohen Sigma Support, ETW Multiplexing, Local Encrypted Storage and New VQL Capabilities Highlight the Last Release of 2023 Rapid7 is excited to announce that version 0.7.1 of Velociraptor is live and available for download. There are several new features and capabilities th...
Velociraptor 0.7.1 Release
Written by Dr. Michael Cohen Sigma Support, ETW Multiplexing, Local Encrypted Storage and New VQL Capabilities Highlight the Last Release of 2023 Rapid7 is excited to announce that version 0.7.1 of Velociraptor is live and available for download. There are several new features and capabilities th...
Oracle Linux 7 : firefox (ELSA-2023-5019)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-5019 advisory. 102.15.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add...