Siemens SCALANCE W700/W1700 CVE-2018-14526 Information Disclosure Vulnerability

Description Siemens SCALANCE W700 and W1700 is prone to an information disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. Successful exploits may lead to other attacks. The following versions of SCALANCE W700 and W1700 are affected: Siemens SCALANCE W700...

SpotAuditor 5.3.2 Local Buffer Overflow

Exploit Title: SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow SEH Exploit Author: Kirill Nikolaev Date: 2019-12-06 Vulnerable Software: SpotAuditor Vendor Homepage: http://www.nsauditor.com/ Version: 5.3.2 Software Link: http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested...

New Linux Bug Lets Attackers Hijack Encrypted VPN Connections

A team of cybersecurity researchers has disclosed a new severe vulnerability affecting most Linux and Unix-like operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android, that could allow remote 'network adjacent attackers' to spy on and tamper with encrypted VPN connections. The...

CVE-2019-5263

HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305MAC and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting th...

CVE-2019-5263

HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305MAC and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting th...

Information disclosure

HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305MAC and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting th...

CVE-2019-5263

HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305MAC and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting th...

CVE-2012-6655

An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which could let a local users obtain encrypted passwords...

DEBIAN-CVE-2012-6655

An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which could let a local users obtain encrypted passwords...

AZL-44049 CVE-2012-6655 affecting package accountsservice for versions less than 23.13.9-1

An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which could let a local users obtain encrypted passwords...

CVE-2012-6655

An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which could let a local users obtain encrypted passwords...

UBUNTU-CVE-2012-6655

An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which could let a local users obtain encrypted passwords...

CVE-2012-6655

CVE-2012-6655 affects AccountService (accountsservice) 0.6.37, where a flaw in the user_change_password_authorized_cb() function in user.c could allow a local user to obtain encrypted passwords. The connected records confirm the vulnerable component and the root cause, but do not provide a vendor...

CVE-2012-6655

An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which could let a local users obtain encrypted passwords...

CVE-2012-6655

An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which could let a local users obtain encrypted passwords...

PT-2019-6818 · Freedesktop +3 · Accountsservice +3

Name of the Vulnerable Software and Affected Versions: AccountService version 0.6.37 Description: An issue exists in the user change password authorized cb function in user.c, which could let a local user obtain encrypted passwords. Recommendations: For version 0.6.37, consider restricting access...

Unspecified Vulnerability in CloudBees Jenkins QMetry for JIRA-Test Management Plugin

CloudBees Jenkins Hudson Labs is a set of U.S. CloudBees company based on Java development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . QMetry for JIRA-Test Management Plugin is used in one of...

Nextcloud: Improper confidentiality protection of server-side encryption keys

This vulnerability is related to the Improper integrity protection of server-side encryption keys vulnerability but leverages a different attack vector. While the previous attack broke the confidentiality of encrypted files because the public keys are not integrity-protected, this new attack brea...

CVE-2019-15801

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. The firmware image contains encrypted passwords that are used to authenticate users wishing to access a diagnostics or password-recovery menu. Using the hardcoded cryptographic key found elsewhere in the firmware,...

CVE-2019-15799

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. User accounts created through the web interface of the device, when given non-admin level privileges, have the same level of privileged access as administrators when connecting to the device via SSH while their...