IBM BigFix Platform Information Disclosure Vulnerability (CNVD-2018-21187)

IBM BigFix Platform is a dynamic set of IBM's integrated messaging content-driven and management system multi-technology platform. A security vulnerability exists in IBM BigFix Platform versions 9.5 through 9.5.9. A local attacker could exploit the vulnerability to read user credentials...

samba: Weak authentication protocol regression

A flaw was found in the way samba allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client...

PT-2012-1275 · Red Hat · Jboss Eap +1

Name of the Vulnerable Software and Affected Versions: JBoss AS versions 5.0 and earlier JBoss EAP versions 5.0 and earlier Description: The issue allows local users to read credentials by listing the process and its arguments, as twiddle.sh in JBoss AS and EAP accepts credentials as command-line...

GLSA-200701-12 : Mono: Information disclosure

The remote host is affected by the vulnerability described in GLSA-200701-12 Mono: Information disclosure Jose Ramon Palanco has discovered that the System.Web class in the XSP for the ASP.NET server 1.1 through 2.0 in Mono does not properly validate or sanitize local pathnames which could allow...