EUVD-2022-51010

Malicious code in bioql PyPI...

CVE-2022-48310

An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90...

Information disclosure

An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90...

PT-2023-15689 · Sophos · Sophos Connect

Name of the Vulnerable Software and Affected Versions: Sophos Connect versions prior to 2.2.90 Description: An information disclosure issue allows sensitive key material to be included in technical support archives. Recommendations: For Sophos Connect versions prior to 2.2.90, update to version...

openSUSE 15 Security Update : nextcloud (openSUSE-SU-2021:1255-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1255-1 advisory. - Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. In affected versions the Nextcloud...

CVE-2021-32801

Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4...

Exceptions may have logged Encryption-at-Rest key content

None...

Heap overflow

RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material...