Authentication flaw

Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication...

CVE-2018-17922

Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication...

CVE-2018-17922

Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication...

CVE-2018-1876

IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. IBM X-Force ID: 151707...

CVE-2018-1876

IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. IBM X-Force ID: 151707...

CVE-2018-17922

Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication...

CVE-2018-17922

CVE-2018-17922 affects Circontrol CirCarLife: all versions before 4.3.1. The PAP credentials are stored in clear text in a log file that is accessible without authentication, enabling credential exposure. NVD lists a CVSSv3 base score of 9.8 (CRITICAL) with remote, unauthenticated access and impa...

ELM Upgrade failed because of a failed dependency check for audit-libs-python

When upgrading the ELM you receive a notification that the ELM upgrade failed, and you should revert to your snapshot and try again. That doesn't help. The ELM upgrade process is logged in /var/log/Unidesk/ApplianceUpgrader.log. It's a chatty log, but you can bring it up in an editor vi, nano,...

openSUSE Security Update : wpa_supplicant (openSUSE-2018-1316)

This update for wpasupplicant provides the following fixes : This security issues was fixe : - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused t...

openSUSE: Security Advisory for wpa_supplicant (openSUSE-SU-2018:3539-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for wpa_supplicant (moderate)

This update for wpasupplicant provides the following fixes: This security issues was fixe: - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the...

CVE-2018-17447

An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4...

Information disclosure

Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. The log file contents store sensitive data including executed commands to generate authentication tokens which may prove useful to an attacker for crafting malicious authentication token...

CVE-2018-15765

CVE-2018-15765 affects Dell EMC Secure Remote Services prior to 3.32.00.08. The vulnerability is an Information Exposure in which log files contain sensitive data, including executed commands that generate authentication tokens. This data could help an attacker craft malicious authentication toke...

CVE-2018-8527

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XEL file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, SQ...

November 8, 2016 — KB3198585 (OS Build 10240.17190)

November 8, 2016 — KB3198585 OS Build 10240.17190 This update includes quality improvements and security updates. No new operating system features are being introduced in this update. Key changes include: Addressed issue to update the Access Point Name APN database. Addressed issue with deadlocks...

CVE-2018-1670

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive product configuration information from log files. IBM X-Force ID: 144946...

CVE-2018-1768

IBM Spectrum Protect Plus 10.1.0 and 10.1.1 could disclose sensitive information when an authorized user executes a test operation, the user id an password may be displayed in plain text within an instrumentation log file. IBM X-Force ID: 148622...

UBUNTU-CVE-2018-14624

A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in logerroremergency. An attacker could send a flood of modifications to a very large DN, which would cause slapd t...

libfsclfs Denial of Service Vulnerability

libfsclfs is a library and tool for accessing the Common Log File System CLFS. A denial-of-service vulnerability exists in the 'libfsclfsblockread' function of the libfsclfsblock.c file in libfsclfs 2018-07-25 and earlier versions, which can be exploited by a remote attacker with the help of a...