Important: Red Hat Security Advisory: OpenShift Container Platform 4.21 CNF vRAN extras topology aware lifecycle manager update

An update for topology-aware-lifecycle manager is available for Red Hat OpenShift Container Platform 4.21. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the...

Important: Red Hat Security Advisory: OpenShift Virtualization v4.21 Images

Red Hat OpenShift Virtualization release v4.21 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...

Important: Red Hat Security Advisory: RHTAS 1.3.4 - Red Hat Trusted Artifact Signer Release

The 1.3.4 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

Important: Red Hat Security Advisory: RHTAS 1.3.4 - Red Hat Trusted Artifact Signer Release

The 1.3.4 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

Important: Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release

The 1.3.3 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

Important: Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release

The 1.3.3 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

Important: Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release

The 1.3.3 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

Important: Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release

The 1.3.3 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

CVE-2023-38422

Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data...

BoxBilling 跨站脚本漏洞

BoxBilling is open source billing and customer management software for BoxBilling individual developers. A cross-site scripting vulnerability exists in BoxBilling versions 4.19,4.19.1,4.20,4.21, which stems from arbitrary code that can be run via a form for submitting a new ticket. An attacker ca...

CVE-2020-23647

CVE-2020-23647 is a documented XSS vulnerability affecting BoxBilling versions 4.19, 4.19.1, 4.20, and 4.21. The issue arises from the message field on the “submit new ticket” form, allowing remote attackers to execute arbitrary code in some contexts. The available connected sources consistently ...

CKEditor 4.x < 4.21 XSS Vulnerability - Linux

CKEditor 4 is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CKEditor 4.x < 4.21 XSS Vulnerability - Windows

CKEditor 4 is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2022-1941

CVE-2022-1941 affects Protocol Buffers parsing for protobuf-cpp and protobuf-python, causing out-of-memory and DoS on parsing malformed MessageSet inputs. Affected versions include protobuf-cpp up to 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1, 3.21.5 and protobuf-python up to 4.21.5, with 3.16/3.17 n...

Eclipse Equinox 安全漏洞

Eclipse Equinox is a sub-project of the Eclipse Foundation that provides a certified implementation of the OSGi R4.x core framework specification. versions prior to Eclipse Equinox 4.21 have a security vulnerability that stems from the fact that if a p2 repository with HTTP is used, an attacker...

CVE-2020-15898

In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. This vulnerability is only susceptible to exploitation by unidirectional traffic ex. UDP and not bidirectional traffic ex. TCP. This affects: EOS 7170 platforms version 4.21.4.1F and below releas...

CVE-2020-15898

In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. This vulnerability is only susceptible to exploitation by unidirectional traffic ex. UDP and not bidirectional traffic ex. TCP. This affects: EOS 7170 platforms version 4.21.4.1F and below releas...

Arista EOS Security Breach

Arista Networks Arista EOS is a scalable operating system for data centers and cloud network centers from Arista Networks, Inc. Arista EOS builds cloud architectures that scale to hundreds of thousands of compute and storage nodes with management and provisioning capabilities for large-scale jobs...

Security Advisory 0054

Security Advisory 0054 PDF Date: October 7th, 2020 Version: 1.0 Revision | Date | Changes ---|---|--- 1.0 | October 7th, 2020 | Initial Release The CVE-ID tracking this issue is: CVE-2020-15897 CVSSv3.1 Base Score: 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Description This advisory documen...

CVE-2019-14810

A vulnerability has been found in the implementation of the Label Distribution Protocol LDP protocol in EOS. Under race conditions, the LDP agent can establish an LDP session with a malicious peer potentially allowing the possibility of a Denial of Service DoS attack on route updates and in turn...