7 matches found
EUVD-2026-38132
AVideo through 29.0 contains an authorization bypass vulnerability in the Meet plugin's uploadRecordedVideo.json.php endpoint that derives the target usersid from the uploaded filename without verification. An attacker with knowledge of the Meet shared secret can craft a malicious file upload wit...
EUVD-2020-6089
Malware in sbrugna...
EUVD-2023-2524
Malicious code in bioql PyPI...
K06110200: BIG-IP and BIG-IQ TACACS+ audit log vulnerability CVE-2023-43485
Security Advisory Description When TACACS+ audit forwarding is configured on a BIG-IP or BIG-IQ system, shared secret is logged in plaintext in the audit log. CVE-2023-43485 Impact An authenticated attacker with at least auditor role privileges can view shared secret. There is no data plane...
SUSE CVE-2023-43617
An issue was discovered in Croc through 9.6.5. When a custom shared secret is used, the sender and receiver may divulge parts of this secret to an untrusted Relay, as part of composing a room name...
Fortinet FortiManager TLS Certificate Validation Failure (FG-IR-16-055)
Fortinet FortiManager is prone to a TLS certificate validation failure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
DEBIAN-CVE-2011-5095
The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obtain the shared secret key by modifying network traffic, a related issue to CVE-2011-1923...