EUVD-1999-0925

Malware in sbrugna...

EUVD-2025-29574

Malicious code in bioql PyPI...

CVE-2024-56429

itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key found in iLabClient.jar for local users to read or write to the database...

SUSE CVE-2017-9270

In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database...

cryptctl file overwrite vulnerability

cryptctl is an open source disk encryption utility. The program sets up LUKS-based disk encryption using a randomly-generated secret key, which is kept in a dedicated secret key server. A security vulnerability exists in versions prior to cryptctl 2.0. An attacker can exploit the vulnerability by...

CVE-2017-9270

In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database...

Code injection

In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database...

CVE-2017-9270 post-auth arbitrary file write on cryptctl server

In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database...

CVE-2017-9270

CVE-2017-9270 affects cryptctl prior to version 2.0. A vulnerability in the cryptctl RPC handling allows a malicious server to send RPC requests that overwrite files outside of the cryptctl key database. Impact is arbitrary file writes outside the key DB; exploit status is not detailed in the pro...

CVE-2017-2715

The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users' Safe passwords, leading to...

Design/Logic Flaw

The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users' Safe passwords, leading to...

CVE-2017-2715

The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users' Safe passwords, leading to...

CVE-2017-2715

The CVE corresponds to CVE-2017-2715 affecting Huawei’s Files APP (7.1.1.309 and earlier) on some Huawei mobile phones. The root cause is an improper design of the Safe key database, enabling brute-force attempts to crack the user’s Safe password and potentially access sensitive database informat...

FireMaster - The Firefox Master Password Cracking Tool

FireMaster is the First ever tool to recover the lost Master Password of Firefox. Master password is used by Firefox to protect the stored loign/password information for all visited websites. If the master password is forgotten, then there is no way to recover the master password and user will lo...

SuSE 11.3 Security Update : gpg2 (SAT Patch Number 7919)

This update for gpg2 provides the following fixes : - 780943: Set proper file permissions when en/de-crypting files. - 798465: Fix an issue that could cause corruption of the public keys database. CVE-2012-6085 - 808958: Select proper ciphers when running in FIPS mode. %NASLMINLEVEL 70300 C Tenab...

US-CERT Technical Cyber Security Alert TA08-079B -- MIT Kerberos Updates for Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-079B MIT Kerberos Updates for Multiple Vulnerabilities Original release date: March 19, 2008 Last revised: -- Source: US-CERT Systems Affected MIT Kerberos Overview The MIT Kerberos...

MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MIT krb5 Security Advisory 2007-004 Original release: 2007-06-26 Last update: 2007-06-26 Topic: kadmind affected by multiple RPC library vulnerabilities Severity: CRITICAL CVE: CVE-2007-2442 CERT: VU356961 CVE: CVE-2007-2443 CERT: VU365313 SUMMARY...

CVE-2007-0957

Stack-based buffer overflow in the krb5klogsyslog function in the kadm5 library, as used by the Kerberos administration daemon kadmind and Key Distribution Center KDC, in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via...

DEBIAN-CVE-2007-1216

Double free vulnerability in the GSS-API library lib/gssapi/krb5/k5unseal.c, as used by the Kerberos administration daemon kadmind in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSECGSS RPC library, allows remote authenticated users to execute arbitrary code...

CVE-2007-1216

Double free vulnerability in the GSS-API library lib/gssapi/krb5/k5unseal.c, as used by the Kerberos administration daemon kadmind in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSECGSS RPC library, allows remote authenticated users to execute arbitrary code...