The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. User passwords and passphrases for encrypted SSH keys are stored in plaintext in a configuration file.
Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for masked columns.
APPLE-SA-2017-10-31-12 Additional information for APPLE-SA-2017-09-25-9 macOS Server 5.4
APPLE-SA-2017-10-31-11 Additional information for APPLE-SA-2017-09-20-3 tvOS 11
APPLE-SA-2017-10-31-10 Additional information for APPLE-SA-2017-09-20-2 watchOS 4
APPLE-SA-2017-10-31-9 Additional information for APPLE-SA-2017-09-19-1 iOS 11
News, Infocus, Columns, Vulnerabilities, Bugtraq ...
Apache Traffic Server CVE-2015-3249 Multiple Remote Code Execution Vulnerabilities
GNU Wget CVE-2016-7098 Security Bypass Vulnerability
Apache Traffic Server CVE-2014-3624 Access Bypass Vulnerability
HP ArcSight ESM and ArcSight ESM Express CVE-2017-14356 SQL Injection Vulnerability
A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. An attacker may gain access to hard-coded certificates and private keys allowing the attacker to perform man-in-the-middle attacks.
A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. The software uses undocumented hard-coded credentials that may allow an attacker to gain remote access.
The Catalyst-Plugin-Static-Simple module before 0.34 for Perl allows remote attackers to read arbitrary files if there is a '.' character anywhere in the pathname, which differs from the intended policy of allowing access only when the filename itself has a '.' character.
EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 220.127.116.11, EMC Solutions Enabler Virtual Appliance versions prior to 18.104.22.168, EMC VASA Virtual Appliance versions prior to 22.214.171.1242, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier) contain an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system.
EMC AppSync Server prior to 126.96.36.199 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system.
MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory.
Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426) due to improper validation of CSRF tokens for postback handling, allowing an attacker to successfully take over the victim's account. The attack bypasses a protection mechanism involving X-CSRF headers and CSRF tokens via a certain _handler postback variable.
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded.
VIM version 8.0.1187 (and other versions most likely) ignores umask when creating a swap file ("[ORIGINAL_FILENAME].swp") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary.