IBM Cloud App Management Cross-Site Request Forgery Vulnerability

IBM Cloud App Management is a set of infrastructure monitoring solutions based on microservices architecture from IBM, USA. The product is able to provide application-aware and infrastructure monitoring, analytics and more. A cross-site request forgery vulnerability exists in IBM Cloud App...

IBM Cloud App Management Information Disclosure Vulnerability

IBM Cloud App Management is a set of infrastructure monitoring solutions based on microservices architecture from IBM, USA. The product is able to provide application-aware and infrastructure monitoring, analytics and more. An information disclosure vulnerability exists in IBM Cloud App Managemen...

Information disclosure

IBM Cloud App Management 2019.3.0 and 2019.4.0 reveals a stack trace on certain API requests which can allow an attacker further information about the implementation of the offering. IBM X-Force ID: 173311...

CVE-2019-4751

CVE-2019-4751 affects IBM Cloud App Management 2019.3.0 and 2019.4.0, where API requests reveal a stack trace that can disclose implementation details. This is an information-disclosure vulnerability stemming from stack traces exposed by the service. Affected versions: IBM Cloud App Management V2...

FreeBSD : puppetserver and puppetdb -- Puppet Server and PuppetDB may leak sensitive information via metrics API (36def7ba-6d2b-11ea-b115-643150d3111d)

Puppetlabs reports : Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as...

puppetserver and puppetdb -- Puppet Server and PuppetDB may leak sensitive information via metrics API

Puppetlabs reports: Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as we...

Security Bulletin: Multiple vulnerabilities of Mozzila Firefox (less than Firefox 68.3 ESR) have affected Synthetic Playback Agent 8.1.4.0 - 8.1.4 IF10 + ICAM 3.0 - 4.0

Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2019-17010, CVE-2019-17008, CVE-2019-17012 Vulnerability Details CVEID: CVE-2019-17010 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free...

CVE-2019-14525

In Octopus Deploy 2019.4.0 through 2019.6.x before 2019.6.6, and 2019.7.x before 2019.7.6, an authenticated system administrator is able to view sensitive values by visiting a server configuration page or making an API call...