15 matches found
EUVD-2020-22032
Malware in sbrugna...
EUVD-2017-6517
Malware in sbrugna...
EUVD-2018-2713
Malware in sbrugna...
EUVD-2021-29721
Malicious code in bioql PyPI...
PT-2025-30715 · Hcl · Hcl Iem
Name of the Vulnerable Software and Affected Versions: HCL IEM affected versions not specified Description: HCL IEM is affected by a password in cleartext issue. Sensitive information is transmitted without adequate protection, potentially exposing it to unauthorized access during transit...
Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2025-1000)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1000 advisory. gslibctxstashsanitizedarg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the case. A created PDF document includes its password in cleartext. CVE-2025-48708...
[SECURITY] [DLA 2374-1] gnome-shell security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2374-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb September 15, 2020 https://wiki.debian.org/LTS -...
Medium: golang
Issue Overview: Arbitrary code execution during go get or go get -d: Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points ...
CVE-2017-15042
An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was...
CVE-2017-15042
An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was...
CVE-2017-15042
An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was...
Design/Logic Flaw
An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was...
CVE-2017-15042
CVE-2017-15042 affects Go up to 1.8.4 and 1.9.x up to 1.9.1, where smtp.PlainAuth could leak credentials to a MITM SMTP server that advertises PLAIN without STARTTLS. The issue arises from server decisions on PLAIN acceptance, allowing username/password to be sent in cleartext on non-TLS connecti...
CVE-2017-15042
An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was...
CVE-2017-15042
Removed by vendor...