NextCloud Server security vulnerabilities

NextCloud Server is an open-source NextCloud server program. There were security vulnerabilities in versions 31.0.0 to 31.0.12, and in versions 32.0.0 to 32.0.3 of NextCloud Server. These vulnerabilities stemmed from a lack of relational checks, which could allow authenticated users to read all...

Wildfly Elytron integration susceptible to brute force attacks via CLI

Impact A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI. Patches The default behaviour has been changed in...

EUVD-2021-13693

Malware in sbrugna...

CVE-2021-26908

Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent...

Code injection

Automox Agent prior to version 31 uses an insufficiently protected S3 bucket endpoint for storing sensitive files, which could be brute-forced by an attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent...

Information disclosure

Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent...

CVE-2021-26908

CVE-2021-26908 and CVE-2021-26909 apply to the Automox Agent prior to version 31. The issues are: (1) information disclosure via logging potentially sensitive data in local log files, and (2) storing sensitive files via an insufficiently protected S3 bucket endpoint that could be brute-forced. Ro...

Automox Alive Automox Agent 日志信息泄露漏洞

Automox Alive Automox Agent is an application from the Automox Alive community. An agent software. A log information disclosure vulnerability exists in versions prior to Automox Agent 31, which stems from logging potentially sensitive information in local log files. No details of the vulnerabilit...

Firefox ESR 31.x < 31.5 Multiple Vulnerabilities

The version of Firefox ESR 31.x installed on the remote Windows host is prior to 31.5. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists related to the autocomplete feature that allows an attacker to read arbitrary files. CVE-2015-0822 ...

openSUSE Security Update : MozillaFirefox (openSUSE-2014-476)

MozillaFirefox was updated to version 31 to fix various security issues and bugs : - MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards - MFSA 2014-57/CVE-2014-1549 bmo1020205 Buffer overflow during Web Audio buffering for playback - MFSA 2014-58/CVE-2014-1550 bmo1020411...

Stable Channel Update

Chrome has been updated to 31.0.1650.57 for Windows, Mac, Linux and Chrome Frame. Security fixes and rewards: Congratulations to Pinkie Pie, for reclaiming his title with another impressive exploit! Ka-po-po-po-pow!!! $50,000 319117 319125 Critical CVE-2013-6632: Multiple memory corruption issues...