Author: Cyberthreat Blog

Pulp before 2.8.5 uses bash’s $RANDOM in an unsafe way to generate passwords.

KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin’s sign/encrypt action occurs during use of the Send Later feature, which allows remote...

A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username...

A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when an FCoE-related...

An issue was discovered in Cloud Foundry Foundation cf-release v255 and Staticfile buildpack versions v1.4.0 – v1.4.3. A regression introduced in the Static file build pack causes the Staticfile.auth configuration to be...