In Docker Notary before 0.1, the checkRoot function in gotuf/client/client.go does not check expiry of root.json files, despite a comment stating that it does. Even if a user creates a new…
Link: http://feeds.security-database.com/~r/Last100Alerts/~3/HK5PxrW4JAg/detail.php
In Docker Notary before 0.1, gotuf/signed/verify.go has a Signature Algorithm Not Matched to Key vulnerability. Because an attacker controls the field specifying the signature algorithm, they might…
Link: http://feeds.security-database.com/~r/Last100Alerts/~3/6ywP47oxz9k/detail.php
In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal…
Link: http://feeds.security-database.com/~r/Last100Alerts/~3/gUB4RtLmIno/detail.php
SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses.
Link: http://feeds.security-database.com/~r/Last100Alerts/~3/GHcs8YAXcjI/detail.php
In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, PKCS7 padding is not supported by the crypto storage APIs.
Link: http://feeds.security-database.com/~r/Last100Alerts/~3/nQBGPMpjiIk/detail.php
In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 625, SD 650/52, SD 835, access control left a configuration space unprotected.
Link: http://feeds.security-database.com/~r/Last100Alerts/~3/Tz4Aa6RKxAk/detail.php
In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile, Snapdragon Automobile APQ8096AU, MDM9206, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 625, SD 650/52, SD…
Link: http://feeds.security-database.com/~r/Last100Alerts/~3/1ox7Teiu2So/detail.php
In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile [VERSION]: MDM9206, MDM9607, MDM9650, MSM8909W, SD 200, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD…
Link: http://feeds.security-database.com/~r/Last100Alerts/~3/0YhU61aNcus/detail.php
In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, SD 625, SD 650/52, SD 835, SD 845, DDR address input validation is being improperly truncated.
Link: http://feeds.security-database.com/~r/Last100Alerts/~3/2lC5X2-Qg0s/detail.php
IBM Security Privileged Identity Manager 2.1.0 contains left-over, sensitive information in page comments. While this information is not visible at first it can be obtained by viewing the page…
Link: http://feeds.security-database.com/~r/Last100Alerts/~3/930eOTnmOPU/detail.php