Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Desktop Client version 3.0.0 through versions prior to 3.6.5. An attacker can exploit the vulnerability to gai...

PT-2023-4601 · Mirantis +7 · Mirantis Container Runtime +8

Name of the Vulnerable Software and Affected Versions: Moby versions prior to 23.0.3 Moby versions prior to 20.10.24 Mirantis Container Runtime versions prior to 20.10.16 Description: The issue is related to the encrypted overlay network feature in Moby's Swarm Mode. Encrypted overlay networks...

Fedora 37 : libldb / samba (2023-fca3bfed78)

The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-fca3bfed78 advisory. Update to ldb 2.6.2 and samba 4.17.7 Security fixes for CVE-2023-0225, CVE-2023-0922, CVE-2023-0614 Tenable has extracted the preceding description...

Security Bulletin: IBM FlashSystem 9100 family and IBM Storwize V7000 2076-724 (Gen3) systems are NOT affected by security vulnerabilities CVE-2018-12037 and CVE-2018-12038

Summary IBM FlashSystem 9100 systems and Storwize V7000 2076-724 Gen3 systems are NOT affected by the security vulnerabilities where, by the absence of a cryptographic link between the password and the Disk Encryption Key, allows attackers with privileged access to SSD firmware to gain full acces...

The vulnerability of the control panel for servers and cloud services, CloudPanel, arises from the use of a rigidly encrypted cryptographic key for the SSL certificate. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the control panel for servers and cloud services like CloudPanel lies in the use of a strictly encrypted cryptographic key for the SSL certificate. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

Veeam Backup and Replication Authentication Bypass (KB4288)

The version of Veeam Backup and Replication installed on the remote Windows host is prior to 11.0.1.1261 P20230227 or 12.x prior to 12.0.0.1420 P20230223. It is, therefore, affected by authentication bypass vulnerability that allows encrypted credentials stored in the configuration database to be...

The vulnerability of the software for programming Mitsubishi Electric GX Works3, related to the possibility of using strictly encrypted user data, allows a intruder to gain access to protected information.

The vulnerability of the software for programming Mitsubishi Electric GX Works3 relates to the possibility of using strictly encrypted user data. Exploiting this vulnerability can allow a malicious actor to gain access to protected information...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-070)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-070 advisory. 2024-04-10: CVE-2023-0461 was added to this advisory. 2024-02-01: CVE-2024-0562 was added to this advisory. 2024-02-01: CVE-2022-48619 was added to this advisory. 2023-10-10: CVE-2023-3357 was...

The vulnerability of the KVM virtualization subsystem in AMD Secure Encrypted Virtualization (SEV) in the virt/kvm/kvm_main.c kernel of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the KVM virtualization subsystem in AMD Secure Encrypted Virtualization SEV in the virt/kvm/kvmmain.c kernel of the Linux operating system is related to a breach of processor cache integrity. Exploiting this vulnerability could allow an attacker to trigger a service failure...

PT-2025-18819

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the Linux kernel's fscrypt, where the keyring is not properly destroyed after security sb delete, leading to a potential NULL dereference. This problem occurs whe...

The vulnerability of the APC Easy UPS Online Monitoring Software’s software lies in its use of strictly encrypted credentials, allowing a intruder to gain unauthorized access to the target system.

The vulnerability of the APC Easy UPS Online Monitoring Software relates to the use of strictly encrypted login credentials. Exploiting this vulnerability could allow a perpetrator to gain unauthorized access to the target system...

CVE-2023-27532

Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts...

CVE-2023-27532

Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts...

Design/Logic Flaw

Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts...

CVE-2023-27532

Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts. Recent assessments: sfewer-r7 at March 14, 2023 2:49pm UTC reported: On March 7, 2023, Veeam...

Veeam Backup & Replication 访问控制错误漏洞

Veeam Backup & Replication is a backup and replication software from Veeam USA. A security vulnerability exists in Veeam Backup & Replication, which stems from allowing access to encrypted credentials stored in the configuration database, which can be exploited by an attacker to gain access to th...

CVE-2023-27532

CVE-2023-27532 affects Veeam Backup & Replication, specifically the Cloud Connect component. The vulnerability allows an unauthenticated actor inside the backup network perimeter to obtain encrypted credentials stored in the configuration database, potentially leading to access to backup infrastr...

USN-5936-1: Samba vulnerabilities

Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-3437 Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerber...

PT-2023-1918

Name of the Vulnerable Software and Affected Versions Veeam Backup & Replication versions 11.0.1.1261 through 12.0.0.1420 Description A flaw exists in the Veeam Backup & Replication software that allows an unauthenticated user with network access to obtain encrypted credentials stored in the...

CVE-2023-27532

Article Applicability This article documents a vulnerability discovered in a core service of Veeam Backup & Replication and Veeam Cloud Connect. This vulnerability does not affect other Veeam products e.g., Veeam Backup for Microsoft 365, Veeam Agent for Microsoft Windows , Veeam ONE, Veeam Servi...