210 matches found
AZL-34190 CVE-2024-0690 affecting package ansible for versions less than 2.14.12-2
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as...
AZL-34539 CVE-2024-0690 affecting package ansible for versions less than 2.17.0-1
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as...
DEBIAN-CVE-2024-0690
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as...
CVE-2024-0690
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as...
PYSEC-2024-36
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive...
PYSEC-2024-36
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive...
PT-2024-1818
Name of the Vulnerable Software and Affected Versions ansible-core affected versions not specified Description An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE NO LOG configuration in some scenarios. Information is still included in the output in...
CVE-2023-33283
Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains access to encrypted secrets can decrypt them by using this key...
Minas – on the way to complexity
Sometimes when investigating an infection and focusing on a targeted attack, we come across something we were not expecting. The case described below is one such occurrence. In June 2022, we found a suspicious shellcode running in the memory of a system process. We decided to dig deeper and...
PT-2023-22074 · Nextcloud +2 · Nextcloud Desktop Client +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop Client versions 3.0.0 through 3.6.4 Description: A malicious server administrator can gain full access to an end-to-end encrypted folder, allowing them to decrypt files, recover the folder structure, and add new files...
CVE-2021-36689
An issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0.99.96i allows attackers to view sensitive information and decrypt data via a brute force attack that uses a recovered samourai.dat file. The PIN is 5 to 8 digits, which may be insufficient in this...
SUSE CVE-2018-12374
Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird 52.9...
SUSE CVE-2021-26315
When the AMD Platform Security Processor PSP boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image, arbitrary code may be executed in the PSP when encrypted firmware images are used...
SUSE CVE-2022-39249
Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be...
Charles V of Spain Secret Code Cracked
Diplomatic code cracked after 500 years: In painstaking work backed by computers, Pierrot found "distinct families" of about 120 symbols used by Charles V. "Whole words are encrypted with a single symbol" and the emperor replaced vowels coming after consonants with marks, she said, an inspiration...
PT-2022-24849 · Unknown · Matrix Ios Sdk
Name of the Vulnerable Software and Affected Versions: Matrix iOS SDK versions prior to 0.23.19 Description: The issue allows an attacker, in cooperation with a malicious homeserver, to construct messages that appear to come from another person. These messages may be marked with a grey shield on...
Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a Thunderbird user replying to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute and the content attribute specifying an URL. Thunderbird started a...
Diagnostic data to collect for Citrix Tech Support when a Citrix Browser App fails to launch
To find out what is going wrong when a Citrix browser app fails to launch, tech support needs: Decrypted Fiddler traces, the output from the terminal window, and Citrix Browser debug logs...
Hacking the Sony Playstation 5
I just dont think its possible to create a hack-proof computer system, especially when the system is physically in the hands of the hackers. The Sony Playstation 5 is the latest example: Hackers may have just made some big strides towards possibly jailbreaking the PlayStation 5 over the weekend,...
DEBIAN-CVE-2021-31855
KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations. Deleting an attachment of a decrypted encrypted message stored on a remote server e.g., an IMAP server causes KMail to upload the decrypted content of the message to the remote server. With a crafted message...