EUVD-2017-9770

Malware in sbrugna...

EUVD-2015-8285

Malware in sbrugna...

SUSE CVE-2025-8285

Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to create channel subscription without proper access to the channel via API call to the create channel subscription endpoint...

MAL-2025-8285 Malicious code in @landmineaknpm2/officiis-iure-facilis (npm)

The package @landmineaknpm2/officiis-iure-facilis was found to contain malicious code...

CVE-2025-8285

creationtimestamp| type| source ---|---|--- 2025-08-11 19:18:18+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115011741088255294...

Moderate: Red Hat Security Advisory: Streams for Apache Kafka 2.8.0 release and security update

Streams for Apache Kafka 2.8.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2024-8285

creationtimestamp| type| source ---|---|--- 2024-08-31 00:51:16+00:00| seen| https://t.me/cvedetector/4554...

CVE-2024-8285 Kroxylicious: missing upstream kafka tls hostname verification

A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perfor...

CVE-2024-8285

A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perfor...

Puppet Agent < 7.1.0 Vulnerability

On December 9, 2020, curl published security updates addressing CVE-2020-8284, CVE-2020-8285, and CVE-2020-8286. Previous releases of Puppet Agent contain a vulnerable version of curl. For more information about this vulnerability, refer to the security announcement. Note that Nessus has not test...

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...

F5 Networks BIG-IP : cURL vulnerability (K61186963)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.1. It is, therefore, affected by a vulnerability as referenced in the K61186963 advisory. curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP...

Juniper Junos OS Multiple Vulnerabilities (JSA11207)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA11207 advisory. - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially ma...

EulerOS Virtualization 3.0.2.2 : curl (EulerOS-SA-2021-2132)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.CVE-2020-8231 - curl...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 security update

Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 security update

Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 8 zip release for RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 (RHSA-2021:2472)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2472 advisory. This release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages that are part of the JBoss Core Services offering. This...

SUSE: Security Advisory (SUSE-SU-2020:14585-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:1786-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: cURL libcurl vulnerabilites impacting Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint 4.0 and earlier (CVE-2020-8284, CVE-2020-8286, CVE-2020-8285)

Summary The cURL libcurl vulnerabilities CVE-2020-8284, CVE-2020-8286 and CVE-2020-8285 impacts Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint 4.0.0 and earlier. The fix is delivered in Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint 4.1.0...