138 matches found
PT-2025-1228 · Mercedes Benz · Mercedes-Benz Head-Unit Ntg6
Name of the Vulnerable Software and Affected Versions: Mercedes-Benz head-unit NTG6 affected versions not specified Description: The issue is related to a race condition in the Mercedes-Benz head-unit NTG6, which can be exploited by connecting to the Ethernet pins on the Base Board. This allows a...
The vulnerability of the CI/CD application deployment and integration teamcity backup file of JetBrains, which allows a hacker to expose user credentials and session cookie files.
The vulnerability of the CI/CD application deployment and integration team environment from JetBrains TeamCity is related to improper cross-border deletion of critical data. Exploiting this vulnerability can allow a malicious actor to access user credentials and cookie session files remotely...
Svakom Siime Eye 安全漏洞
Svakom Siime Eye is a smart home device from Svakom USA. A security vulnerability exists in Svakom Siime Eye version 14.1.00000001.3.330.0.0.3.14, which originates from the fact that when a backup file is created through the web interface, information about all users can be found in plaintext in...
CVE-2024-42019
A vulnerability that allows an attacker to access the NTLM hash of the Veeam Reporter Service service account. This attack requires user interaction and data collected from Veeam Backup & Replication...
PT-2024-6472 · Veeam · Veeam Reporter Service +1
Name of the Vulnerable Software and Affected Versions: Veeam Reporter Service affected versions not specified Description: A vulnerability exists in Veeam Reporter Service that allows an attacker to access the NTLM hash of the service account. This attack requires user interaction and data...
Alternative Method for Migrating Backups to Hardened Linux Repository
Please review the information in this article closely before performing any actions documented herein. This article documents a series of steps that if not performed precisely as documented, could result in data loss. Purpose This article documents an alternative method for migrating backups from...
CVE-2023-6750
The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup informations, which is stored at a publicly accessible, statically defined file path...
WordPress Plugin Clone Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
CVE-2023-6271
The Backup Migration WordPress plugin before 1.3.6 stores in-progress backups information in easy to find, publicly-accessible files, which may allow attackers monitoring those to leak sensitive information from the site's backups...
WordPress Plugin Backup Migration Staging Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers.WordPress plugin is an...
Fedora 39 : borgbackup (2023-467632ecbe)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-467632ecbe advisory. fix for CVE-2023-36811: spoofed archive leads to data loss Please note that starting with borgbackup 1.2.5 all borg repos must use TAM authentication:...
CVE-2023-30735
Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant...
CVE-2023-30735
Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant...
Design/Logic Flaw
Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant...
CVE-2023-30735
Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant...
CVE-2023-30735
Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant...
PT-2023-22938 · Unknown · S Assistant
Name of the Vulnerable Software and Affected Versions: SAssistant versions prior to 8.7 Description: The issue allows local attackers to access backup data in SAssistant due to an improper preservation of permissions. This enables unauthorized access to sensitive information. Recommendations: For...
CVE-2023-36811
borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...
CVE-2023-36811 Archive spoofing vulnerability in borgbackup
borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...
CVE-2023-36811
borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...