[SECURITY] Fedora 36 Update: golang-github-xordataexchange-crypt-0.0.2-13.20190412gitb2862e3.fc36

Store and retrieve encrypted configs from etcd or consul...

[SECURITY] Fedora 36 Update: golang-github-google-martian-3.1.0-10.fc36

Martian Proxy is a programmable HTTP proxy designed to be used for testing. Martian is a great tool to use if you want to: - Verify that all or some subset of requests are secure - Mock external services at the network layer - Inject headers, modify cookies or perform other mutations of HTTP...

[SECURITY] Fedora 36 Update: dnscrypt-proxy-2.1.1-5.fc36

A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTP/2. Features: - DNS traffic encryption and authentication. Supports DNS-over-HTTPS DoH and DNSCrypt. - DNSSEC compatible - DNS query monitoring, with separate log files for regular and...

FileWave 信任管理问题漏洞

FileWave is an endpoint management suite from the Swiss company FileWave. FileWave suffers from a security vulnerability that originates from the fact that an unauthenticated attacker can decrypt sensitive information stored in FileWave using a hard-coded encryption key, or even send a crafted...

The vulnerability of the Questions for Confluence application on the Atlassian Confluence Server and the Confluence Data Center, related to the possibility of using strictly encrypted user credentials, allows a hacker to gain full access to the Confluence software with the confluence-users group’s permissions.

The vulnerability of the Questions for Confluence application on the Atlassian Confluence Server web server and the Confluence Data Center is related to the possibility of using strictly encrypted user credentials. Exploiting this vulnerability could allow a malicious actor, operating remotely, t...

[SECURITY] Fedora 35 Update: golang-github-rfjakob-gocryptfs-1.8.0-6.fc35

Encrypted overlay filesystem written in Go...

SUSE: Security Advisory (SUSE-SU-2022:2417-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slack: Hashed data exposure via WebSockets to Workspace Members

A vulnerability in Slack's system allowed for the exposure of members' email addresses and sensitive data through WebSockets. This occurred when users created or revoked a Shared Invite Link for their workspace, resulting in the transmission of hashed passwords to other workspace members. The iss...

[SECURITY] Fedora 35 Update: golang-github-xordataexchange-crypt-0.0.2-12.20190412gitb2862e3.fc35

Store and retrieve encrypted configs from etcd or consul...

[SECURITY] Fedora 35 Update: dnscrypt-proxy-2.1.1-4.fc35

A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTP/2. Features: - DNS traffic encryption and authentication. Supports DNS-over-HTTPS DoH and DNSCrypt. - DNSSEC compatible - DNS query monitoring, with separate log files for regular and...

CVE-2022-34826

In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the logs...

CVE-2022-34826

In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the logs...

CVE-2022-34826

CVE-2022-34826 affects Couchbase Server 7.1.x prior to 7.1.1, where an encrypted Private Key passphrase may be leaked via logs. The issue can expose confidential data; CVSSv3.1 base score 5.9 (MEDIUM) with NETWORK attack vector, high confidentiality impact, no privileges or user interaction requi...

PT-2022-22378 · Couchbase · Couchbase Server

Name of the Vulnerable Software and Affected Versions: Couchbase Server versions 7.1.x before 7.1.1 Description: The issue concerns the potential leakage of an encrypted Private Key passphrase in the logs. Recommendations: For Couchbase Server versions 7.1.x before 7.1.1, update to version 7.1.1 ...

EulerOS Virtualization 2.10.0 : grub2 (EulerOS-SA-2022-2074)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing...

Couchbase Server 日志信息泄露漏洞

Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. A log message disclosure vulnerability exists in Couchbase Server 7.1.1 prior to version 7.1.x, which can be exploited...

EulerOS Virtualization 2.10.1 : grub2 (EulerOS-SA-2022-2080)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing...

CVE-2022-35857

kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled. The rememberMe parameter is encrypted with a hardcoded key from the com.kalvin.kvf.common.shiro.ShiroConfig file...

July 12, 2022—KB5015808 (OS Build 14393.5246) - EXPIRED

July 12, 2022—KB5015808 OS Build 14393.5246 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- 11/19/20 For...

How the FBI quietly added itself to criminals’ instant message conversations

Motherboard has disclosed some information about Operation Trojan Shield, in which the FBI intercepted messages from thousands of encrypted phones around the world. These messages are now used in courts across the world as corroborating evidence. Operation Trojan Shield The US Federal Bureau of...