OPENSUSE-SU-2017:1748-1 Security update for kdepim, messagelib

This update for kdepim and messagelib fixes the following issues: - CVE-2017-9604: The kmail 'send later' function does not have 'sign/encryption' action ensured. boo1044210...

CVE-2017-7902

A "Reusing a Nonce, Key Pair in Encryption" issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A...

CVE-2016-9346

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1. Configuration data are stored in a file that is not encrypted...

SUSE-SU-2016:2780-1 Security update for mysql

This mysql version update to 5.5.53 fixes the following issues: - CVE-2016-6662: Unspecified vulnerability in subcomponent Logging bsc1005580 - CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption bsc1005581 - CVE-2016-5584: Unspecified vulnerability in subcomponent Encryption...

mysql: unspecified vulnerability in subcomponent: Server: Security: Encryption (CPU January 2016)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption...

mysql: unspecified vulnerability related to Server:Security:Encryption (CPU April 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption...

MGASA-2015-0277 Updated java-1.7.0-openjdk package fixes security vulnerabilities

Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733. A flaw was fou...

CVE-2015-1959

IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, 6.3 before iFix 37, 6.3.1 before iFix 11, and 6.4 before iFix 2 does not properly restrict encrypted files, which allows local users to obtain sensitive information or possibly have unspecified other...

mysql: unspecified vulnerability related to Server:Security:Encryption (CPU Jan 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption...

mysql: unspecified vulnerability related to Server:Security:Encryption (CPU Jan 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption...

UBUNTU-CVE-2015-0411

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

Updated kernel-rt packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG 2.4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...

CVE-2012-4571

Python Keyring 0.9.1 does not securely initialize the cipher when encrypting passwords for CryptedFileKeyring files, which makes it easier for local users to obtain passwords via a brute-force attack...

B.C. dating website hacked !

A hacker bankrupt into the online dating website Plenty of Fish aftermost week, auspiciously exporting hundreds of accounts. Markus Frind, CEO of the Vancouver-based company, said Monday all passwords accept been displace back the Jan. 18 aegis breach. He additionally said all annual users accept...

CVE-2004-2642

Yeemp 0.9.9 and earlier does not properly encrypt inbound files, which allows remote attackers to spoof the identity of the sender...

Issues In CGINews and CGIForum

Vendor : Markus Triska URL : http://triskam.virtualave.net/cginews.html Version : 1.07 And Possible Earlier & CGIForum 1.09 Risk : Weak Encryption & Info Disclosure Description: CGINews is a multi-user Web site news posting system written in Perl. Main features include: adding, updating, and...

MSIE->LinkillerSaveRef:another caller-based authorization

LinkillerSaveRef:another caller-based authorizationis broken. "that's all" is end of file if you are in a hurry tested Browser Ver MS Internet Explorer: 6.0.2600.0000.xpclntqfe.021108-2107; Encryption: 128-bit; Patch:; Q810847; So, it's far from fully patched. It also works after applying the pat...

WinMX 2.6 - Design Error

WinMX 2.6 - Design Error WinMX Design Error Vendor: Frontcode Technologies Product: WinMX Version: = 2.6 Website: http://www.winmx.com/ BID: 7771 Description: WinMX 2.6 is an older version of the popular file sharing client WinMX. While the current version is 3.31, 2.6 still remains quite popular...

CaesarFTP weak encryption

Cleartext passwords in Program FilesCesarFTPsettings.ini...

WorkforceROI Xpede 4.17.0 - Weak Password Encryption

WorkforceROI Xpede 4.17.0 - Weak Password Encryption source: https://www.securityfocus.com/bid/4344/info An issue has been reported in Xpede, which could lead to a compromise of user authentication information. Reportedly, Xpede cookies containing username and password data is stored using a weak...