20 matches found
CVE-2025-65843
Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation feature. The application follows symbolic links placed inside the /Library/Logs/Aquarius directory and treats them as regular files. When building the support ZIP, Aquarius...
CVE-2025-65843
Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation feature. The application follows symbolic links placed inside the /Library/Logs/Aquarius directory and treats them as regular files. When building the support ZIP, Aquarius...
CVE-2025-65843
Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation. The product follows symbolic links placed in ~/Library/Logs/Aquarius and treats them as regular files. While building the support ZIP, a JUCE directory iterator configured t...
Cloudflare Confirms Data Breach Linked to Salesforce and Salesloft Drift
Cloudflare confirms a Salesforce-linked data breach via Salesloft Drift, exposing customer support case data but leaving core systems…...
PYSEC-2024-298
OpenCTI is an open-source cyber threat intelligence platform. Before 6.3.0, general users can access information that can only be accessed by users with access privileges to admin and support information SETTINGSSUPPORT. This is due to inadequate access control for support information...
PYSEC-2024-298
OpenCTI is an open-source cyber threat intelligence platform. Before 6.3.0, general users can access information that can only be accessed by users with access privileges to admin and support information SETTINGSSUPPORT. This is due to inadequate access control for support information...
PT-2024-31785 · Opencti · Opencti
Name of the Vulnerable Software and Affected Versions: OpenCTI versions prior to 6.3.0 Description: The issue arises from inadequate access control for support information, allowing general users to access data meant only for users with admin and support privileges. This is facilitated by the...
OPENSUSE-SU-2020:2010-1 Security update for chromium
This update for chromium fixes the following issues: - Update to 87.0.4280.66 boo1178923 - Wayland support by default - CVE-2020-16018: Use after free in payments. - CVE-2020-16019: Inappropriate implementation in filesystem. - CVE-2020-16020: Inappropriate implementation in cryptohome. -...
Information Disclosure
sosreport is vulnerable to information disclosure. If a malicious user can get access to the technical-support data stream and if the /etc/fstab file contains passwords, the sensitive information can be disclosed...
IBM General Parallel File System Information Disclosure Vulnerability
IBM General Parallel File System (GPFS) is a scalable, highly available, high-performance enterprise file management system optimized for petabyte-scale storage management from IBM in the United States. A security vulnerability exists in the /usr/lpp/mmfs/bin/gpfs.snap file in IBM GPFS version 4.1....
SuSE 6.3/6.4/7.0 sdb Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3208/info An input validation error exists in sdb, the SuSE Support Data Base. The problem exists in the sdbsearch.cgi script, which uses data directly from the 'Referer' header field from a HTTP request as a path when...
CVE-2014-4040
snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a...
CVE-2014-4040
snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a...
Design/Logic Flaw
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...
CVE-2014-3925
CVE-2014-3925 affects sosreport in Red Hat sos 1.7 and earlier on RHEL 5, where the generated archive may contain an fstab with cleartext passwords and lacks a warning to review for passwords, enabling potential sensitive-information disclosure if an attacker can access the technical-support data...
CVE-2014-3925
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...
UBUNTU-CVE-2014-3925
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...
Tapes Containing Information On 800K Lost From California Child Support Agency
Backup cartridges containing records on 800,000 individuals belonging to the California Department of Child Support Services (DCCS) were lost in transit between an IBM facility in Colorado and DCCS’s headquarters in California on March 12, according to a statement from DCCS. The records in...
SuSE 6.3/6.4/7.0 sdb - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/3208/info An input validation error exists in sdb, the SuSE Support Data Base. The problem exists in the sdbsearch.cgi script, which uses data directly from the 'Referer' header field from an HTTP request as a path when opening its "keylist.txt" file. The...
SuSE 6.3/6.4/7.0 sdb - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/3208/info An input validation error exists in sdb, the SuSE Support Data Base. The problem exists in the sdbsearch.cgi script, which uses data directly from the 'Referer' header field from an HTTP request as...