EUVD-2016-1294

Malware in sbrugna...

CVE-2023-31135 Dgraph Audit Log Encryption nonce reuse

Dgraph is an open source distributed GraphQL database. Existing Dgraph audit logs are vulnerable to brute force attacks due to nonce collisions. The first 12 bytes come from a baseIv which is initialized when an audit log is created. The last 4 bytes come from the length of the log line being...

Design/Logic Flaw

Potential for arbitrary code execution in npm package @thi.ng/egf gpg-tagged property values only if decrypt: true option is enabled. PR with patch has been submitted and will has been released as of v0.4.0 By default the EGF parse functions do NOT attempt to decrypt values since GPG only availab...

Oracle Linux 6 : gnupg2 (ELSA-2018-2180)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-2180 advisory. 2.0.14-9 - fix CVE-2018-12020 - missing sanitization of original filename Tenable has extracted the preceding description block directly from the Oracle Linux...

Information disclosure

Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for GPG Encryption profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x...

CVE-2016-10103

Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for GPG Encryption profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x...

CVE-2016-10103

Affected software/product: Hitek Software Automize. Vulnerability: Information disclosure in encryptionProfiles.jsd caused by the Read attribute being set for Users, enabling recovery of encrypted passwords for GPG Encryption profiles. Root cause / affected component: Read permission on User data...

CVE-2016-10103

Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for GPG Encryption profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x...

SUSE-SU-2015:0512-1 Security update for kdebase4-runtime

kdebase4-runtime has been updated to fix one security issue: CVE-2013-7252: Added gpg based encryption support to kwallet bnc857200. Security Issues: CVE-2013-7252...

SquirrelMail G/PGP Encryption Plug-in 2.0 Command Execution Vuln

Exploit for unknown platform in category web applications ================================================================ SquirrelMail G/PGP Encryption Plug-in 2.0 Command Execution Vuln ================================================================ SquirrelMail G/PGP Encryption Plug-in Remote...