14 matches found
PandaX security vulnerability
PandaX is a Go language open source low-code development framework for enterprise IoT platforms from PandaX Open Source. A security vulnerability exists in PandaX that stems from incorrect manipulation of the parameter key in the file config.yml, which could lead to the use of hard-coded keys...
EUVD-2021-24321
Malware in sbrugna...
gotribe trust management issue vulnerability
gotribe is a small open-source CMS solution from gotribe, developed with Go + Vue. A trust management issue vulnerability exists in gotribe, which stems from the fact that manipulation of the parameter config.key results in hard-coded credentials...
PT-2024-38824 · Go Tribe · Go-Tribe
Name of the Vulnerable Software and Affected Versions: Go-Tribe gotribe up to cd3ccd32cd77852c9ea73f986eaf8c301cfb6310 Description: A critical vulnerability has been found in Go-Tribe gotribe. The issue affects the function Sign of the file pkg/token/token.go. The manipulation of the argument...
CVE-2024-33895
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique key to encrypt the configuration parameters. This is fixed in version 21.2s10 and 22.1s3, the key is now unique per device...
CVE-2021-37842
metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of Sensitive Information. Remote Cluster XDCR credentials can get leaked in debug logs. Config key tombstone purging was added in Couchbase Server 7.0.0. This issue happens when a config key, which is being logged, has a tombstone purger...
Design/Logic Flaw
metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of Sensitive Information. Remote Cluster XDCR credentials can get leaked in debug logs. Config key tombstone purging was added in Couchbase Server 7.0.0. This issue happens when a config key, which is being logged, has a tombstone purger...
CVE-2021-37842
CVE-2021-37842 affects Couchbase Server 7.0.0 (metakv). The issue arises from using cleartext storage of sensitive information, enabling potential leakage of Remote Cluster XDCR credentials in debug logs when a config key being logged has an attached tombstone purge timestamp. The Connected docum...
CVE-2021-37842
metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of Sensitive Information. Remote Cluster XDCR credentials can get leaked in debug logs. Config key tombstone purging was added in Couchbase Server 7.0.0. This issue happens when a config key, which is being logged, has a tombstone purger...
OPENSUSE-SU-2019:1284-1 Security update for ceph
This update for ceph version 13.2.4 fixes the following issues: Security issues fixed: - CVE-2018-14662: Fixed an issue with LUKS 'config-key' safety bsc1111177 - CVE-2018-10861: Fixed an authorization bypass on OSD pool ops in ceph-mon bsc1099162 - CVE-2018-1128: Fixed signature check bypass in...
CVE-2019-10060
The Verix Multi-app Conductor application 2.7 for Verifone Verix suffers from a buffer overflow vulnerability that allows attackers to execute arbitrary code via a long configuration key value. An attacker must be able to download files to the device in order to exploit this vulnerability...
SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2019:0586-1)
This update for ceph version 13.2.4 fixes the following issues : Security issues fixed : CVE-2018-14662: Fixed an issue with LUKS 'config-key' safety bsc1111177 CVE-2018-10861: Fixed an authorization bypass on OSD pool ops in ceph-mon bsc1099162 CVE-2018-1128: Fixed signature check bypass in ceph...
MODX Revolution 'setup/controllers/welcome.php' file remote code execution vulnerability
MODX Revolution is a PHP-based open source content management system CMS from the U.S. company MODX. The system supports online collaboration, search engine optimization SEO, add-ons and more. A security vulnerability exists in the setup/controllers/welcome.php file in MODX Revolution 2.5.4-pl an...
XLAtunes 0.1 - album SQL Injection
XLAtunes 0.1 - album SQL Injection Critical Status:High Found By:Bl0od3r Download:http://www.scriptdungeon.com/script.php?ScriptID=2844 Greetz:all my friends fuckz:Donh4cky0u for steeling hacks of others,for his 100% noobility,for his noobass.DON your an idiot.fucka. - confkey-Password...