9 matches found
CVE-2022-28384
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...
RHEL 8 : mailman:2.1 (RHSA-2021:4826)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4826 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks...
Debian DLA-3049-1 : mailman - LTS security update
The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3049 advisory. - In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS. CVE-2021-43331 - In GNU Mailman...
CVE-2022-28384
The provided connected documents confirm CVE-2022-28384 affects Verbatim devices with insecure design that allows an offline brute-force attack to determine the correct passcode and gain access to stored encrypted data. Affected products include the Verbatim Keypad Secure USB 3.2 Gen 1 Drive (thr...
CVE-2022-0652
Sophos UTM vulnerability CVE-2022-0652 involves insecure permissions on Confd log files containing SHA512crypt password hashes for local users (including root). A local attacker could perform offline brute-force attacks on these hashes. Affected products are Sophos UTM versions prior to 9.710. Re...
RHEL 8 : mailman:2.1 (RHSA-2021:4838)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4838 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks...
Important: Red Hat Security Advisory: mailman:2.1 security update
An update for the mailman:2.1 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...
Important: Red Hat Security Advisory: mailman:2.1 security update
An update for the mailman:2.1 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
One Identity Defender 5.9.3 Insecure Cryptographic Storage
Title: One Identity Defender - Insecure Cryptographic Storage. Date: 01 September 2019. Affected Software: One Identity Defender 5.9.3. Other versions are likely also vulnerable. Insecure Cryptographic Storage: Defender stores token seeds, PAP secret...