CVE-2025-67809

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A hardcoded Flickr API key and secret are present in the publicly accessible Flickr Zimlet used by Zimbra Collaboration. Because these credentials are embedded directly in the Zimlet, any unauthorized party could retrieve them and...

CVE-2011-5117

Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of 1 out-of-date credentials and 2 invalid credentials, which allows physically proximate attackers to defeat t...

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...

CVE-2011-5117

Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of 1 out-of-date credentials and 2 invalid credentials, which allows physically proximate attackers to defeat t...