CVE-2014-6274 – Git-Annex AWS S3 and Glacier Unencrypted Credentials Storage Vulnerability

June 26, 2025

CVE ID : CVE-2014-6274

Published : June 26, 2025, 9:15 p.m. | 4 hours, 19 minutes ago

Description : git-annex had a bug in the S3 and Glacier remotes where if embedcreds=yes
was set, and the remote used encryption=pubkey or encryption=hybrid,
the embedded AWS credentials were stored in the git repository
in (effectively) plaintext, not encrypted as they were supposed to be. This issue affects git-annex: from 3.20121126 before 5.20140919.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2014-7210 – Debian pdns MySQL Privilege Escalation

Next Article CVE-2014-0468 – FusionForge Apache Script Execution Vulnerability

Highlights

CVE-2025-4379 – DobryCMS Reflected Cross-Site Scripting (XSS) Vulnerability

May 23, 2025

CVE ID : CVE-2025-4379

Published : May 23, 2025, 10:15 a.m. | 2 hours, 24 minutes ago

Description : DobryCMS in versions 2.* and lower is vulnerable to Reflected Cross-Site Scripting (XSS). Improper input validation in szukaj parameter allows arbitrary JavaScript to be executed on victim’s browser when specially crafted URL is opened.

A hotfix for affected versions was released on 29.04.2025. It removes the vulnerability without incrementing the version.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-3905 – Siemens PLC Cross-site Scripting

June 10, 2025

SaVi simulates satellite orbits and coverage, in two and three dimensions

April 27, 2025

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2014-6274 – Git-Annex AWS S3 and Glacier Unencrypted Credentials Storage Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Shift Left Testing Principles: Catch Bugs Early, Deliver Faster

Microsoft pushes major firmware update for Surface Pro 11 and Laptop 7

Alert: Malicious RubyGems Impersonate Fastlane Plugins, Steal CI/CD Data

Is OpenAI’s new ChatGPT-4o image generator the end for graphic designers? — Weekend discussion 💬

CVE-2025-4379 – DobryCMS Reflected Cross-Site Scripting (XSS) Vulnerability

CVE-2025-3905 – Siemens PLC Cross-site Scripting

SaVi simulates satellite orbits and coverage, in two and three dimensions

Top 15 Kubernetes Interview Questions for Beginners

CVE-2014-6274 – Git-Annex AWS S3 and Glacier Unencrypted Credentials Storage Vulnerability

Related Posts