111 matches found
CVE-2022-34575
An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the key information of the device via accessing fctest.shtml...
CVE-2022-34574
The CVE-2022-34574 issue affects Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19. Root cause: an access control flaw in the device allows an attacker to obtain key information by accessing the Tftpd32.ini file. Impact per sources: leakage of critical device information. Practical remediatio...
CVE-2022-34570
CVE-2022-34570 concerns WAVLINK WN579 X3 (M79X3.V5030.191012) where an information leak allows attackers to obtain key information by accessing the vulnerable file, messages.txt. The root cause is an access control error or insufficient access rights handling on messages.txt, as described in mult...
GnuPG through 2.3.6 in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g. use of GPGME) are met allows signature forgery via injection into the status line.
...
PT-2022-6745 · Gpgme +11 · Gpgme +11
Name of the Vulnerable Software and Affected Versions: GnuPG versions prior to 2.3.7 Description: The issue is related to insufficient neutralization of special elements in a request, allowing a remote attacker to access and compromise confidential data. In unusual situations where an attacker...
GHSA-5G4V-2PC6-4HH4 Ansible Sensitive Files Are Locally Readable
The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file...
Ansible Sensitive Files Are Locally Readable
The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file...
CVE-2021-44260
A vulnerability is in the 'livemfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information of the manager of router...
Ivanti Workspace Control 安全漏洞
Ivanti Workspace Control RES One Workspace is a set of workspace control software from Ivanti, USA. The software includes features such as user management, application management and report management. A security vulnerability exists in versions prior to Ivanti Workspace Control 2021.2 10.7.30.0,...
How to fix “Nessus failed to load the SSH private key” error?
If you are using Nessus to scan Linux hosts and authenticate by key, you may encounter this problem. You have generated the keys correctly, placed the public key on a remote server. You can connect to this server using the private key. ssh -p22 -i privatekey [email protected] But when...
Bachmann Electronic All M-Base Controllers 加密问题漏洞
Bachmann Electronic All M-Base Controllers is a controller system from Bachmann, Germany, used to control networks. A cryptographic issue vulnerability exists in Bachmann Electronic All M-Base Controllers that stems from not properly using the relevant cryptographic algorithms, resulting in...
Hardcoded credentials
SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related authentication algorithm, is public. The key for admin is hardcoded in the installation code, and there is no key for publicsp which is a guest account...
v-os.ca Cross Site Scripting vulnerability OBB-1259041
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
zonnetprovedor.net.br Cross Site Scripting vulnerability OBB-1197853
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
hilyses.com Improper Access Control vulnerability
Open Bug Bounty ID: OBB-1160428 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
CVE-2016-11049
An issue was discovered on Samsung mobile devices with software through 2016-01-16 Shannon333/308/310 chipsets. The IMEI may be retrieved and modified because of an error in managing key information. The Samsung ID is SVE-2016-5435 March 2016...
Design/Logic Flaw
An issue was discovered on Samsung mobile devices with software through 2016-01-16 Shannon333/308/310 chipsets. The IMEI may be retrieved and modified because of an error in managing key information. The Samsung ID is SVE-2016-5435 March 2016...
CVE-2016-11049
An issue was discovered on Samsung mobile devices with software through 2016-01-16 Shannon333/308/310 chipsets. The IMEI may be retrieved and modified because of an error in managing key information. The Samsung ID is SVE-2016-5435 March 2016...
CVE-2014-4658
The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file...
CVE-2014-4658
The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file...