EUVD-2021-21875

Malware in sbrugna...

CVE-2020-13856

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. Authentication is not required to download the support file that contains sensitive information such as cleartext credentials and password hashes...

GHSA-428J-Q447-47RW Apache Rave information disclosure vulnerability

The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response...

Updated openssh packages fix security vulnerability

The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...

SUSE SLES11 Security Update : pam (SUSE-SU-2016:1645-1)

This update for pam fixes two security issues. These security issues were fixed : - CVE-2015-3238: pamunix in conjunction with SELinux allowed for DoS attacks bsc934920. - CVE-2013-7041: Compare password hashes case-sensitively bsc854480. The update package also includes non-security fixes. See...

XMB Forum 1.8 - 'member.php' SQL Injection

// source: https://www.securityfocus.com/bid/7406/info XMB Forum Member.PHP has been reported prone to an SQL injection vulnerability, under certain conditions. The SQL injection vulnerability has been reported to affect the registration page of XMB Forum. This is reportedly due to insufficient...

FreeBSD-SA-01:59.rmuser

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:59 Security Advisory FreeBSD, Inc. Topic: rmuser contains a race condition exposing /etc/master.passwd Category: core Module: rmuser Announced: 2001-09-04 Credits:...