29 matches found

Tenable Nessus
added 2026/01/13 12:0 a.m. | 3 views

MiracleLinux 9 : ipa-4.12.2-1.el9_5.3 (AXSA:2025-9559:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9559:01 advisory. freeipa: Administrative user data leaked through systemd journal CVE-2024-11029 Tenable has extracted the preceding description block directly from the...

CVSS 5.5 | AI score 5.7 | EPSS 0.00016
Exploits: 0 | References: 2

RedhatCVE
added 2025/09/27 4:46 p.m. | 4 views

CVE-2025-11029

A weakness has been identified in givanz Vvveb up to 1.0.7.2. This vulnerability affects unknown code. Executing manipulation can lead to cross-site request forgery. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. Once again the proje...

CVSS 5.3 | AI score 6.9 | EPSS 0.0003
Exploits: 1 | References: 1

Tenable Nessus
added 2025/08/30 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2020-11029

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In affected versions of WordPress, a vulnerability in the stats method of class-wp-object-cache.php can be exploited to execute cross-site scripting XSS attacks...

CVSS 6.1 | AI score 6.8 | EPSS 0.0265
Exploits: 0 | References: 2

OpenVAS
added 2025/05/26 12:0 a.m. | 4 views

Fedora: Security Advisory (FEDORA-2025-b21777d1b5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.5 | AI score 7.1 | EPSS 0.00016
Exploits: 0 | References: 3

Tenable Nessus
added 2025/01/27 12:0 a.m. | 11 views

Fedora 41 : freeipa (2025-b21777d1b5)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-b21777d1b5 advisory. CVE-2024-11029 Release note: https://www.freeipa.org/release-notes/4-12-3.html Tenable has extracted the preceding description block directly from the Fedora...

CVSS 5.5 | AI score 5.7 | EPSS 0.00016
Exploits: 0 | References: 2

OpenVAS
added 2025/01/27 12:0 a.m. | 7 views

Fedora: Security Advisory (FEDORA-2025-6baf694c75)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.5 | AI score 7.1 | EPSS 0.00016
Exploits: 0 | References: 3

Tenable Nessus
added 2025/01/27 12:0 a.m. | 25 views

Fedora 40 : freeipa (2025-6baf694c75)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-6baf694c75 advisory. CVE-2024-11029 Release note: https://www.freeipa.org/release-notes/4-12-3.html Tenable has extracted the preceding description block directly from the Fedora...

CVSS 5.5 | AI score 5.7 | EPSS 0.00016
Exploits: 0 | References: 2

Tenable Nessus
added 2025/01/18 12:0 a.m. | 7 views

AlmaLinux 9 : ipa (ALSA-2025:0334)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:0334 advisory. freeipa: Administrative user data leaked through systemd journal CVE-2024-11029 Tenable has extracted the preceding description block directly from the AlmaLinux...

CVSS 5.5 | AI score 5.7 | EPSS 0.00016
Exploits: 0 | References: 3

Tenable Nessus
added 2025/01/16 12:0 a.m. | 15 views

Oracle Linux 9 : ipa (ELSA-2025-0334)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0334 advisory. 4.12.2-1.0.1.3 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 - Add bind to ipa-server-common Requires Orabug: 36518596 4.12.2-1.3 - Resolve...

CVSS 5.5 | AI score 5.7 | EPSS 0.00016
Exploits: 0 | References: 2

NVD
added 2025/01/15 1:15 p.m. | 10 views

CVE-2024-11029

A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the...

CVSS 5.5 | EPSS 0.00016
Exploits: 0 | References: 3

UbuntuCve
added 2025/01/15 1:15 p.m. | 8 views

CVE-2024-11029

A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the...

CVSS 5.5 | AI score 6 | EPSS 0.00016
Exploits: 0 | References: 4

Vulnrichment
added 2025/01/15 12:55 p.m. | 14 views

CVE-2024-11029 Freeipa: administrative user data leaked through systemd journal

A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the...

CVSS 5.5 | AI score 5.5 | EPSS 0.00016
Exploits: 0 | References: 3

Cvelist
added 2025/01/15 12:55 p.m. | 9 views

CVE-2024-11029 Freeipa: administrative user data leaked through systemd journal

A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the...

CVSS 5.5 | EPSS 0.00016
Exploits: 0 | References: 3

Tenable Nessus
added 2025/01/15 12:0 a.m. | 11 views

RHEL 9 : ipa (RHSA-2025:0334)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0334 advisory. Red Hat Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based...

CVSS 5.5 | AI score 5.8 | EPSS 0.00016
Exploits: 0 | References: 5

OSV
added 2025/01/15 12:0 a.m. | 13 views

ALSA-2025:0334 Moderate: ipa security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: freeipa: Administrative user data leaked through systemd journal CVE-2024-11029 For more details about t...

CVSS 5.5 | AI score 5.4 | EPSS 0.00016
Exploits: 0 | References: 4

Japan Vulnerability Notes
added 2024/08/22 12:0 a.m. | 14 views

JVN#83440451: Multiple Safie products vulnerable to improper server certificate verification

Multiple Safie products are vulnerable to improper server certificate verification CWE-295. The product can be operated via port 11029/TCP and Bluetooth, and its communications are AES encrypted. The product user can obtain the encryption key from the cloud server based on the device-specific...

CVSS 6.8 | AI score 6.7 | EPSS 0.00199
Exploits: 0

OpenVAS
added 2020/05/12 12:0 a.m. | 51 views

Debian: Security Advisory (DLA-2208-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.7 | AI score 6.7 | EPSS 0.42551
Exploits: 3 | References: 3

Debian
added 2020/05/11 1:43 p.m. | 56 views

[SECURITY] [DLA 2208-1] wordpress security update

Package : wordpress Version : 4.1.30+dfsg-0+deb8u1 CVE ID : CVE-2020-11026 CVE-2020-11027 CVE-2020-11028 CVE-2020-11029 Debian Bug : 959391 Multiple CVEs were discovered in the src:wordpress package. CVE-2020-11026 Files with a specially crafted name when uploaded to the Media section can lead to...

CVSS 8.7 | AI score 7.7 | EPSS 0.42551
Exploits: 3

Debian CVE
added 2020/04/30 10:15 p.m. | 34 views

CVE-2020-11029

In affected versions of WordPress, a vulnerability in the stats method of class-wp-object-cache.php can be exploited to execute cross-site scripting XSS attacks. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release 5.3.3, 5.2.6, 5.1.5, 5.0.9,...

CVSS 6.1 | AI score 4.2 | EPSS 0.0265
Exploits: 0

CVE
added 2020/04/30 10:15 p.m. | 302 views

CVE-2020-11029

CVE-2020-11029 affects WordPress; vulnerability in the stats() method of class-wp-object-cache.php allows cross-site scripting (XSS). Affected versions include 3.7.x through 5.3.x (and earlier releases) with a patch in WordPress 5.4.1 and via 5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4....

CVSS 6.1 | AI score 5.7 | EPSS 0.0265
Exploits: 0 | References: 4 | Affected Software: 1