18 matches found
EUVD-2020-7513
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2024-11941
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Drupal Core allows Excessive Allocation. This issue affects Drupal Core: from 10.2.0 before 10.2.2, from 10.1.0 before 10.1.8. CVE-2024-11941...
eslint-config-prettier Security Vulnerability
eslint-config-prettier is a Prettier open source application. A security vulnerability exists in eslint-config-prettier versions 8.10.1, 9.1.1, 10.1.6, and 10.1.7, which stems from embedded malicious code that could lead to a supply chain attack...
Information disclosure
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain sensitive information due to missing best practices. IBM X-Force ID: 213551...
Security Bulletin: IBM QRadar WinCollect Agent is vulnerable to a local escalation of privilege attack in some configurations (CVE-2023-38736)
Summary IBM QRadar WinCollect Agent when installed to run as Admin or System, or with Admin or System privileges, is vulnerable to a local escalation of privilege attack that a non-privileged user could utilize to gain System permissions. IBM has addressed the relevant vulnerability. Vulnerabilit...
Atlassian Confluence 7.13.15 < 7.13.19 / 7.19.7 < 7.19.11 / 8.1.1 < 8.4.1 DoS (CONFSERVER-90185)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-90185 advisory. - The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If...
Apache Tomcat DoS Vulnerability (May 2023) - Linux
Apache Tomcat is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat"; ...
SUSE CVE-2013-3338
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721,...
CVE-2021-20432
IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 196344...
CVE-2021-20536
The vulnerability CVE-2021-20536 affects IBM Spectrum Protect Plus File Systems Agent versions 10.1.6 and 10.1.7, where potentially sensitive information could be stored in and read from local log files. The root cause is an information disclosure in the logging of file-system backup/restore acti...
Security Bulletin: Static Credential Vulnerability in IBM Spectrum Protect Plus (CVE-2020-4854)
Summary IBM Spectrum Protect Plus contains hard-coded credentials which could allow a remote attacker to gain elevated privileges. UPDATED: 24 February 2021 - Remediation/Fixes section updated with additional vSnap requirements for upgrading to 10.1.7. UPDATED: 23 April 2021 - Added 10.1.8 fix...
Security Bulletin: Cross-Origin Resource Sharing (CORS) vulnerability in IBM Spectrum Protect Plus (CVE-2021-20432)
Summary Cross-Origin Resource Sharing (CORS) vulnerability in IBM Spectrum Protect Plus may allow privileged actions and retrieval of sensitive information. Vulnerability Details CVEID: CVE-2021-20432 DESCRIPTION: IBM Spectrum Protect Plus uses Cross-Origin Resource Sharing (CORS) which could allow a...
CVE-2020-5023
IBM Spectrum Protect Plus 10.1.0 through 10.1.7 could allow a remote user to inject arbitrary data which could cause the service to crash due to excess resource consumption. IBM X-Force ID: 193659...
IBM Spectrum Protect Plus Resource Management Error Vulnerability
IBM Spectrum Protect Plus is a data protection and availability solution for virtualized environments that can be deployed in minutes and protect your environment in less than an hour. A denial of service vulnerability exists in IBM Spectrum Protect Plus 10.1.0 - 10.1.7. A remote user can exploit...
CVE-2020-15526
In Redgate SQL Monitor 7.1.4 through 10.1.6 inclusive, the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration Notifications pages to disable certificate checking for alert notifications. These TLS security checks are als...
CVE-2020-15526
In Redgate SQL Monitor 7.1.4 through 10.1.6 inclusive, the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration Notifications pages to disable certificate checking for alert notifications. These TLS security checks are als...
acroread: multiple code execution flaws (APSB13-15)
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722,...
acroread: multiple code execution flaws (APSB13-15)
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2729...