11 matches found
EUVD-2019-0002
Malware in sbrugna...
Ansible sensitive information disclosure
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with nolog on that can lead to leakage of sensible data...
SSL/TLS: Known Compromised/Static Certificate Detection
The remote SSL/TLS service is using an SSL/TLS certificate which is known to be compromised/static e.g. known private keys, used by malware, etc. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...
CVE-2018-16870
It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data...
CVE-2018-16876
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with nolog on that can lead to leakage of sensible data...
CVE-2018-16876
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with nolog on that can lead to leakage of sensible data...
SSL/TLS: Known Untrusted / Dangerous Certificate Authority (CA) Detection
The service is using an SSL/TLS certificate from a known untrusted and/or dangerous certificate authority CA. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...
Gnome Keyring Daemon Credential Disclosure Vulnerability
The gnome-keyring-daemon is vulnerable to local credential disclosure as it leaves credentials accessible in memory. gnome-keyring-daemon is vulnerable to local credentials disclosure. Fortunately the attack can be spun on already compromised machines, but sadly, in those cases, an attacker can...
OLX: Able to list user's public name, username, phone number, address, facebook ID...
Hi, Through api-v2/items you can list all information of users except email. As items are sequential, you can just make a script that crawls items from: https://www.olx.com.ar/api-v2/items/822200000 to https://www.olx.com.ar/api-v2/items/901858309 Example of sensible user information from random...
Debian: Security Advisory (DSA-1704-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ackerTodo42.txt
ackerTodo 4.2 SQL Injection vendor: http://ackertodo.sourceforge.net/site2/index.html File: gadget/login.php Exploiting this issue could allow an attacker to access sensible data. Vuln code: $userlogin = trim$REQUEST'uplogin'; $userpass = trim$REQUEST'uppass'; $numtasks = trim$REQUEST'upnumtasks'...