23 matches found
EUVD-2011-1940
Malware in sbrugna...
EUVD-2012-4787
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2011-4973
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authentication bypass vulnerability in modnss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering...
CVE-2020-36127
Pax Technology PAXSTORE v7.0.820200511171508 and lower is affected by an information disclosure vulnerability. Through the PUK signature functionality, an administrator will not have access to the current p12 certificate and password. When accessing this functionality, the administrator has the...
GHSA-3P77-WG4C-QM24 Duplicate Advisory: Exposure of sensitive information in ClickHouse
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-g8ph-74m6-8m7r. This link is maintained to preserve external references. Original Description Exposure of sensitive information in exceptions in ClickHouse's clickhouse-r2dbc, com.clickhouse:clickhouse-jdbc, and...
CVE-2023-43870
When installing the Net2 software a root certificate is installed into the trusted store. A potential hacker could access the installer batch file or reverse engineer the source code to gain access to the root certificate password. Using the root certificate and password they could then create...
CVE-2023-43870
When installing the Net2 software a root certificate is installed into the trusted store. A potential hacker could access the installer batch file or reverse engineer the source code to gain access to the root certificate password. Using the root certificate and password they could then create...
GHSA-G8PH-74M6-8M7R ClickHouse vulnerable to client certificate password exposure in client exception
Summary As initially reported in issue 1331, when client certificate authentication is enabled with password protection, the password referred to as the client option sslkey may be exposed in client exceptions e.g., ClickHouseException or SQLException. This vulnerability can potentially lead to...
SUSE CVE-2011-1943
The destroyonesecret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file...
PT-2022-21179 · Siemens · Sinema Remote Connect Server
Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.1 Description: A vulnerability has been identified due to improper input validation, which could allow the OpenSSL certificate's password to be printed to a file reachable by an attacker...
Citrix ADC - Error: "Invalid private key, or PEM pass phrase required for this private key" on FIPS device
When trying to export a PFX file from a certificate that has already been uploaded to the ADC, we get the error "Invalid private key, or PEM pass phrase required for this private key" , even after making sure the correct certificate and private key is selected, as well as entering the correct...
CVE-2020-36127
Pax Technology PAXSTORE v7.0.820200511171508 and lower is affected by an information disclosure vulnerability. Through the PUK signature functionality, an administrator will not have access to the current p12 certificate and password. When accessing this functionality, the administrator has the...
CVE-2020-36127
Pax Technology PAXSTORE v7.0.820200511171508 and lower is affected by an information disclosure vulnerability. Through the PUK signature functionality, an administrator will not have access to the current p12 certificate and password. When accessing this functionality, the administrator has the...
Komodia Website Under DDoS Attack
Komodia.com, home to the SSL interception module at the heart of the Superfish adware dustup, is currently under a distributed denial-of-service attack. As of 2 p.m. Eastern time, its home page had been replaced with a notice that the site was offline because it was under attack. “Some people say...
IBM Rational Developer for System z Information Disclosure Vulnerability (Windows)
This host is installed with IBM Rational Developer for System z and is prone information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbibmrationaldeveforsystemzinfodiscvulnwin.nasl 5366 2017-02-20 13:55:38Z cfi $ IBM Rational Developer for System z Information Disclosure Vulnerabili...
CVE-2011-1943
The destroyonesecret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file...
CVE-2011-1943
The destroyonesecret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file...
Design/Logic Flaw
The destroyonesecret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file...
CVE-2011-1943
The destroyonesecret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file...
CVE-2011-1943
The destroyonesecret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file...