21 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 2 views

Astra Linux - vulnerability in systemd

Before version 247, systemd does not properly prevent local privilege escalation for certain Sudo configurations. For example, plausible sudoers files may allow the execution of the “systemctl status” command. Specifically, systemd does not set LESSSECURE to 1, allowing other programs to be...

CVSS 7.8, AI score 6.8, EPSS 0.05624
Exploits: 4, References: 2

CVE
added 2026/05/06 11:49 a.m., 7 views

CVE-2025-62345

Technical details for CVE-2025-62345 are not publicly provided in the supplied documents; no affected versions, exploit information, or remediation details are included. Monitor for updates.

CVSS 2.7, AI score 5.8, EPSS 0.00033
Exploits: 0, References: 1

Tenable Nessus
added 2025/08/19 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-26604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the systemctl statu...

CVSS 7.8, AI score 6.3, EPSS 0.05624
Exploits: 4, References: 2

CVE
added 2024/08/02 12:0 a.m., 32 views

CVE-2024-38883

Summary (CVE-2024-38883): Horizon Business Services Inc. Caterease v16.0.1.1663–v24.0.1.2405 (and possibly later) may be vulnerable to a remote, network-based attack due to negotiating with a less-secure encryption algorithm, enabling a Drop Encryption Level attack. The issue is described across ...

CVSS 9.1, AI score 7.1, EPSS 0.00172
Exploits: 0, References: 4, Affected Software: 1

NVD
added 2023/12/18 10:15 p.m., 7 views

CVE-2023-46686

A reliance on untrusted inputs in a security decision could be exploited by a privileged user to configure the Gallagher Command Centre Diagnostics Service to use less secure communication protocols. This issue affects: Gallagher Diagnostics Service prior to v1.3.0 distributed in 9.00.1507MR1...

CVSS 7.1, EPSS 0.00083
Exploits: 0, References: 1

Cvelist
added 2023/12/18 10:1 p.m., 11 views

CVE-2023-46686

A reliance on untrusted inputs in a security decision could be exploited by a privileged user to configure the Gallagher Command Centre Diagnostics Service to use less secure communication protocols. This issue affects: Gallagher Diagnostics Service prior to v1.3.0 distributed in 9.00.1507MR1...

CVSS 5.5, AI score 7.1, EPSS 0.00083
Exploits: 0, References: 1

OSV
added 2023/03/17 11:5 a.m., 3 views

OESA-2023-1166 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed...

CVSS 7.8, AI score 7, EPSS 0.05624
Exploits: 4, References: 2

OSV
added 2023/03/17 11:5 a.m., 0 views

OESA-2023-1167 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed...

CVSS 7.8, AI score 7, EPSS 0.05624
Exploits: 4, References: 2

OSV
added 2022/04/28 3:15 p.m., 1 views

CVE-2022-22781

The Zoom Client for Meetings for MacOS Standard and for IT Admin prior to version 5.9.6 failed to properly check the package version during the update process. This could lead to a malicious actor updating an unsuspecting user’s currently installed version to a less secure version...

CVSS 7.5, AI score 5.8, EPSS 0.00112
Exploits: 0, References: 1

Prion
added 2021/09/08 3:15 p.m., 21 views

Authentication flaw

A logic issue was addressed with improved validation. This issue is fixed in iOS 14.6 and iPadOS 14.6. An attacker in WiFi range may be able to force a client to use a less secure authentication mechanism...

CVSS 4.8, AI score 5, EPSS 0.00062
Exploits: 0, References: 1, Affected Software: 2

IBM Security Bulletins
added 2021/07/15 4:59 p.m., 26 views

Security Bulletin: IBM QRadar SIEM uses less secure methods for securing data at rest and in transit between hosts (CVE-2020-4980)

Summary IBM QRadar SIEM uses less secure methods for protecting data in transit between hosts when encrypt host connections is not enabled as well as data at rest. Vulnerability Details CVEID: CVE-2020-4980 DESCRIPTION: IBM QRadar SIEM uses less secure methods for protecting data in transit betwe...

CVSS 6.5, AI score 0.6, EPSS 0.0005
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2019/05/08 3:31 p.m., 64 views

IBM Security Key Lifecycle Manager: All Security Bulletins

Summary This page lists all the security bulletins that are released for IBM Security Key Lifecycle Manager. Vulnerability Details Security Bulletin: IBM Security Key Lifecycle Manager stores unencrypted password CVE-2016-6092 --- Security Bulletin: IBM Security Key Lifecycle Manager uses Less...

CVSS 9.8, AI score 0.5, EPSS 0.92346
Exploits: 0

Veeam
added 2018/10/22 12:0 a.m., 28 views

How to configure Email Notifications when using Gmail or Google Apps Mail in Veeam ONE

Challenge You need to configure email notifications to be sent to a Gmail or Google Apps Mail account in Veeam ONE. Cause Use of port 587 is required for TLS when communicating with Gmail or Google Apps Mail. Solution Set the Port to 587 in Veeam ONE console Options Server Settings SMTP Settings...

AI score 6.7
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2018/06/16 10:2 p.m., 21 views

Security Bulletin: IBM QRadar Network Security is affected by a less-secure algorithm during negotiations vulnerability (CVE-2017-1491)

Summary IBM QRadar Network Security has addressed less-secure algorithm during negotiations Vulnerability Details CVEID: CVE-2017-1491 DESCRIPTION: IBM QRadar Network Security supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a...

CVSS 7.5, AI score 1.9, EPSS 0.0011
Exploits: 0, Affected Software: 1

Tenable Nessus
added 2011/05/19 12:0 a.m., 1608 views

SMTP Service Cleartext Login Permitted

The remote host is running an SMTP server that advertises that it allows cleartext logins over unencrypted connections. An attacker may be able to uncover user names and passwords by sniffing traffic to the server if a less secure authentication mechanism (i.e. LOGIN or PLAIN) is used. C Tenable...

AI score 5.6
Exploits: 0, References: 2

NVD
added 2006/10/03 4:2 a.m., 34 views

CVE-2006-4399

User interface inconsistency in Workgroup Manager in Apple Mac OS X 10.4 through 10.4.7 appears to allow administrators to change the authentication type from crypt to ShadowHash passwords for accounts in a NetInfo parent, when such an operation is not actually supported, which could result in le...

CVSS 2.1, AI score 6.4, EPSS 0.00215
Exploits: 0, References: 9

NVD
added 2006/03/17 7:2 p.m., 16 views

CVE-2006-1248

Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intend...

CVSS 4.6, AI score 6.4, EPSS 0.00088
Exploits: 0, References: 10

Cvelist
added 2006/03/17 7:0 p.m., 23 views

CVE-2006-1248

Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intend...

AI score 6.3, EPSS 0.00088
Exploits: 0, References: 10

NVD
added 2005/10/06 10:2 a.m., 16 views

CVE-2005-3168

The SECEDIT command on Microsoft Windows 2000 before Update Rollup 1 for SP4, when using a security template to set Access Control Lists (ACLs) on folders, does not apply ACLs on folders that are listed after a long folder entry, which could result in less secure permissions than specified by the...

CVSS 7.5, AI score 6.5, EPSS 0.00765
Exploits: 0, References: 2

NVD
added 2005/10/06 10:2 a.m., 14 views

CVE-2005-3177

CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions,...

CVSS 4.6, AI score 6.5, EPSS 0.01077
Exploits: 0, References: 3