EUVD-2014-3500
Malware in sbrugna...
EUVD-2022-5669
Malicious code in bioql PyPI...
SUSE CVE-2014-3495
duplicity 0.6.24 has improper verification of SSL certificates...
FTP backend for Duplicity Discloses Passwords to Process Listing
The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments...
GHSA-WXCW-RQXC-HJ85 FTP backend for Duplicity Discloses Passwords to Process Listing
The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments...
duplicity trust management issue vulnerability
duplicity is a Linux-based file compression and backup utility. A trust management issue vulnerability exists in duplicity version 0.6.24. The vulnerability stems from the lack of an effective trust management mechanism in a networked system or product. An attacker can exploit default passwords o...
DEBIAN-CVE-2014-3495
duplicity 0.6.24 has improper verification of SSL certificates...
CVE-2014-3495
duplicity 0.6.24 has improper verification of SSL certificates...
Input validation
duplicity 0.6.24 has improper verification of SSL certificates...
UBUNTU-CVE-2014-3495
duplicity 0.6.24 has improper verification of SSL certificates...
CVE-2014-3495
CVE-2014-3495 affects duplicity 0.6.24, with the root cause described as improper verification of SSL certificates. The CVSS v3.1 base score is 7.5 (HIGH), driven by confidentiality impact. Exploitation details, affected environments, and remediation steps are not provided in the supplied documen...
CVE-2007-5201
The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments...
Low: Red Hat Security Advisory: libvirt security and bug fix update
An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
[SECURITY] [DLA 773-2] python-crypto regression update
Package : python-crypto Version : 2.6-4+deb7u5 CVE ID : CVE-2013-7459 Debian Bug : 849495, 850025, 850077 It was discovered that there was a regression in the recent update to python-crypto, a cryptographic algorithms and protocols for Python. We now raise a warning not an error on invalid input ...
Fedora Update for duplicity FEDORA-2015-2923
The remote host is missing an update for the...
Updated librsync packages fix security vulnerabilities
Updated librsync packages fix security vulnerability: librsync before 1.0.0 used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other region...