32 matches found
RockyLinux 10 : squid (RLSA-2025:21002)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:21002 advisory. squid-cache: Squid vulnerable to information disclosure via authentication credential leakage in error handling CVE-2025-62168 Tenable has extracted the precedi...
EUVD-2013-2076
Malware in sbrugna...
EUVD-2012-4473
Malware in sbrugna...
EUVD-2020-21287
Malware in sbrugna...
EUVD-2003-0453
Malware in sbrugna...
[SECURITY] Fedora 42 Update: perl-Catalyst-Authentication-Credential-HTTP-1.019-1.fc42
This module lets you use HTTP authentication with Catalyst::Plugin::Authentication. Both basic and digest authentication are currently supported...
Fedora: Security Advisory (FEDORA-2025-d72429a1f8)
The remote host is missing an update for the...
Fedora 42 : perl-Catalyst-Authentication-Credential-HTTP (2025-d72429a1f8)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-d72429a1f8 advisory. This update upgrades the package to version 1.019. This version fixes CVE-2025-40920 by using Crypt::SysRandom to generate nonces instead of Data::UUID. Tenab...
CVE-2025-48925
The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then accepts the hash as the authentication credential...
VulnCheck KEV: CVE-2025-48925
The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then accepts the hash as the authentication credential...
CVE-2025-48925
The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then accepts the hash as the authentication credential...
CVE-2013-2106
webauth before 4.6.1 has authentication credential disclosure...
GHSA-837Q-JHWX-CMPV Parse Server has an OAuth login vulnerability
Impact The 3rd party authentication handling of Parse Server allows the authentication credentials of some specific authentication providers to be used across multiple Parse Server apps. For example, if a user signed up using the same authentication provider in two unrelated Parse Server apps, th...
PT-2025-32585
Name of the Vulnerable Software and Affected Versions: Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier Description: The software generates nonces using the Perl Data::UUID library, which does not employ a strong cryptographic source for UUID generation. Data::UUID returns v3...
Hitachi Ops Center Common Services and Hitachi Ops Center OVA Security Vulnerability
Hitachi Ops Center Common Services and Hitachi Ops Center OVA are both products of Hitachi, Ltd. of Japan. Hitachi Ops Center Common Services is a component that provides Ops Center products with single sign-on capabilities and a web portal. Hitachi Ops Center OVA is a virtualization solution. A...
CVE-2024-29120 Apache StreamPark: Information leakage vulnerability
In Streampark version 2.1.4, when a user logged in successfully, the Backend service would return "Authorization" as the front-end authentication credential. User can use this credential to request other users' information, including the administrator's username, password, salt value, etc. ...
DevOps threat matrix
The use of DevOps practices, which enable organizations to deliver software more quickly and efficiently, has been on the rise. This agile approach minimizes the time-to-market of new features and bug fixes. More and more companies are implementing DevOps services, each with its own infrastructur...
Thycotic Secret Server Credentials Disclosure Vulnerability
The Remote Desktop Launcher in Thycotic Secret Server does not properly clean up a temporary file that contains an encrypted password once a session has ended.
CKEditor < 4.4.3 Preview Plugin Unspecified XSS Vulnerability
The preview plugin for CKEditor is prone to an unspecified cross-site scripting (XSS) vulnerability.
Cisco ASA Web VPN Vulnerabilities
Trustwave's SpiderLabs Security Advisory TWSL2009-002: Cisco ASA Web VPN Multiple Vulnerabilities Published: 2009-06-24 Version: 1.0 Vendor: Cisco Systems, Inc. http://www.cisco.com Versions affected: 8.04, 8.1.2, and 8.2.1 Description: Cisco's Adaptive Security Appliance (ASA) provides a number of...