207 matches found
EUVD-2023-37448
Malicious code in bioql PyPI...
EUVD-2024-0003
Malicious code in bioql PyPI...
EUVD-2023-53258
Malicious code in bioql PyPI...
hv_netvsc: Don't free decrypted memory
...
dma-direct: Leak pages on dma_set_decrypted() failure
...
Linux Distros Unpatched Vulnerability : CVE-2021-31855
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations. Deleting an attachment of a decrypted encrypted message stored on a...
Linux Distros Unpatched Vulnerability : CVE-2020-10685
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower...
Linux Distros Unpatched Vulnerability : CVE-2024-0690
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is still...
SUSE SLES15 Security Update : kernel RT (Live Patch 0 for SLE 15 SP6) (SUSE-SU-2025:02390-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02390-1 advisory. This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD: Prevent...
CVE-2024-25649
In Delinea PAM Secret Server 11.4, it is possible for an attacker with Administrator access to the Secret Server machine to read the following data from a memory dump: the decrypted master key, database credentials when SQL Server Authentication is enabled, the encryption key of RabbitMQ queue...
CVE-2024-36497
The decrypted configuration file contains the password in cleartext which is used to configure WINSelect. It can be used to remove the existing restrictions and disable WINSelect entirely...
CVE-2024-1639
The License Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the showLicenseKey and showAllLicenseKeys functions in all versions up to, and including, 3.0.6. This makes it possible for authenticated attackers, with admi...
CVE-2024-29978
User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under...
CVE-2024-32151
User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under...
CVE-2005-2746
Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages...
CVE-2025-1993
IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected...
CVE-2025-0123
A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/take-packet-captures/take-a-custom-packet-capture in decrypted HTTP/...
CVE-2025-0123
A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/take-packet-captures/take-a-custom-packet-capture in decrypted HTTP/...
uio_hv_generic: Don't free decrypted memory
...
Linux Distros Unpatched Vulnerability : CVE-2024-57793
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors In CoCo VMs it is possib...