Lucene search
K

210 matches found

OSV
OSV
added 2024/02/06 12:15 p.m.6 views

AZL-34190 CVE-2024-0690 affecting package ansible for versions less than 2.14.12-2

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as...

5.5CVSS6.7AI score0.00301EPSS
Exploits0References1
OSV
OSV
added 2024/02/06 12:15 p.m.7 views

AZL-34539 CVE-2024-0690 affecting package ansible for versions less than 2.17.0-1

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as...

5.5CVSS5.7AI score0.00301EPSS
Exploits0References1
OSV
OSV
added 2024/02/06 12:15 p.m.3 views

DEBIAN-CVE-2024-0690

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as...

5.5CVSS6.9AI score0.00301EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/02/06 12:15 p.m.33 views

CVE-2024-0690

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as...

5.5CVSS6.8AI score0.00301EPSS
Exploits0References3
PyPA
PyPA
added 2024/02/06 12:15 p.m.9 views

PYSEC-2024-36

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive...

5.5CVSS8.4AI score0.00301EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/02/06 12:15 p.m.3 views

PYSEC-2024-36

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive...

5.5CVSS6.9AI score0.00301EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/01/18 12:0 a.m.5 views

PT-2024-1818

Name of the Vulnerable Software and Affected Versions ansible-core affected versions not specified Description An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE NO LOG configuration in some scenarios. Information is still included in the output in...

5.5CVSS6.7AI score0.00301EPSS
Exploits0References107
Vulnrichment
Vulnrichment
added 2023/06/07 12:0 a.m.6 views

CVE-2023-33283

Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains access to encrypted secrets can decrypt them by using this key...

6.9AI score0.00108EPSS
Exploits1References1
Securelist
Securelist
added 2023/05/17 10:0 a.m.30 views

Minas – on the way to complexity

Sometimes when investigating an infection and focusing on a targeted attack, we come across something we were not expecting. The case described below is one such occurrence. In June 2022, we found a suspicious shellcode running in the memory of a system process. We decided to dig deeper and...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/04/04 12:0 a.m.3 views

PT-2023-22074 · Nextcloud +2 · Nextcloud Desktop Client +2

Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop Client versions 3.0.0 through 3.6.4 Description: A malicious server administrator can gain full access to an end-to-end encrypted folder, allowing them to decrypt files, recover the folder structure, and add new files...

8.8CVSS6.1AI score0.04698EPSS
Exploits10References37
Vulnrichment
Vulnrichment
added 2023/03/03 12:0 a.m.4 views

CVE-2021-36689

An issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0.99.96i allows attackers to view sensitive information and decrypt data via a brute force attack that uses a recovered samourai.dat file. The PIN is 5 to 8 digits, which may be insufficient in this...

6.5AI score0.00295EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.2 views

SUSE CVE-2018-12374

Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird 52.9...

3.1CVSS8.9AI score0.02042EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.5 views

SUSE CVE-2021-26315

When the AMD Platform Security Processor PSP boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image, arbitrary code may be executed in the PSP when encrypted firmware images are used...

7.8CVSS7.8AI score0.0016EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.3 views

SUSE CVE-2022-39249

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be...

7.5CVSS9AI score0.00946EPSS
Exploits0References4
Schneier on Security
Schneier on Security
added 2022/11/29 12:19 p.m.11 views

Charles V of Spain Secret Code Cracked

Diplomatic code cracked after 500 years: In painstaking work backed by computers, Pierrot found "distinct families" of about 120 symbols used by Charles V. "Whole words are encrypted with a single symbol" and the emperor replaced vowels coming after consonants with marks, she said, an inspiration...

0.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/09/28 12:0 a.m.4 views

PT-2022-24849 · Unknown · Matrix Ios Sdk

Name of the Vulnerable Software and Affected Versions: Matrix iOS SDK versions prior to 0.23.19 Description: The issue allows an attacker, in cooperation with a malicious homeserver, to construct messages that appear to come from another person. These messages may be marked with a grey shield on...

7.5CVSS7.2AI score0.0072EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2022/09/26 2:54 p.m.3 views

Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a Thunderbird user replying to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute and the content attribute specifying an URL. Thunderbird started a...

8.1CVSS7.6AI score0.00768EPSS
Exploits0References6
Citrix
Citrix
added 2021/12/15 12:0 a.m.12 views

Diagnostic data to collect for Citrix Tech Support when a Citrix Browser App fails to launch

To find out what is going wrong when a Citrix browser app fails to launch, tech support needs: Decrypted Fiddler traces, the output from the terminal window, and Citrix Browser debug logs...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/11/10 12:17 p.m.14 views

Hacking the Sony Playstation 5

I just dont think its possible to create a hack-proof computer system, especially when the system is physically in the hands of the hackers. The Sony Playstation 5 is the latest example: Hackers may have just made some big strides towards possibly jailbreaking the PlayStation 5 over the weekend,...

7AI score
Exploits0
OSV
OSV
added 2021/06/02 4:15 p.m.4 views

DEBIAN-CVE-2021-31855

KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations. Deleting an attachment of a decrypted encrypted message stored on a remote server e.g., an IMAP server causes KMail to upload the decrypted content of the message to the remote server. With a crafted message...

6.5CVSS6.5AI score0.00604EPSS
Exploits0References1
Rows per page
Query Builder