angr (>=9.2.187 <=9.2.214), angr-management (>=9.2.187 <=9.2.214) +25 more potentially affected by unknown CVE via uefi-firmware (=1.11.0)

uefi-firmware PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on uefi-firmware and may be impacted: - angr =9.2.187, =9.2.187, =1.0.0rc2, =1.0.7, =1.0.4, =9.2.7, =0.0.1, =9.2.187, =1.0.3, =0.1.0, =2.3.2, =0.1.0, =0.1.5 and more Source...

cle-en-main.net Cross Site Scripting vulnerability OBB-2813894

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

cle-en-main.net Cross Site Scripting vulnerability OBB-2283309

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

cle-en-main.net Cross Site Scripting vulnerability OBB-1463547

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

cle-usb-publicitaire.pro Cross Site Scripting vulnerability OBB-1192305

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Code injection

apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912...

CVE-2014-0748

CVE-2014-0748 affects Cray Aprun/Apinit on Cray supercomputers. The issue arises from the apinit service not validating the UID in launch messages received via aprun against the ALPS-authenticated UID, allowing a local user to escalate privileges to root on a compute node. Affected versions were ...

CVE-2014-0748

apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912...

[mwrlabs advisory][CVE-2014-0748] Cray Aprun/Apinit Privilege Escalation

Cray Aprun/Apinit Privilege Escalation ====================================== MWR have identified a vulnerability which allows users to escalate their privileges to root on Cray supercomputers. This advisory details the vulnerability and the patches which Cray customers can apply in order to...

Default credentials

The Client Login Extension CLE in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file...

CVE-2007-4526

CVE-2007-4526 concerns the Client Login Extension (CLE) in Novell Identity Manager prior to version 3.5.1 20070730 . The vulnerability arises because CLE stores usernames and passwords in a local file, enabling local users to read sensitive credentials from the filesystem. The provided sources co...