Nextcloud: Bypass password confirmation via Context-dependent access control (CDCA)

A vulnerability was found in Nextcloud server that allowed bypassing password confirmation for deleting workflows. By directly sending a DELETE request to the workflow delete endpoint, an attacker could delete workflows without providing the expected password confirmation. This broken...

CVE-2013-3593

Baramundi Management Suite 7.5 through 8.9 uses cleartext for 1 client-server communication and 2 data storage, which allows remote attackers to obtain sensitive information by sniffing the network, and allows context-dependent attackers to obtain sensitive information by reading a file...