28 matches found
SAP Netweaver 授权问题漏洞
SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. An authorization issue vulnerability exists in SAP Netweaver AS JAVA P2P Cluster Communication versions 7.11,...
CVE-2020-3556
A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. The vulnerability is due to a lack of authentication to the IPC listene...
LPG Gas Company Leaked Details, Aadhaar Numbers of 6.7 Million Indian Customers
Why would someone bother to hack a so-called "ultra-secure encrypted database that is being protected behind 13 feet high and 5 feet thick walls," when one can simply fetch a copy of the same data from other sources. French security researcher Baptiste Robert, who goes by the pseudonym "Elliot...
GHSA-W4R4-65MG-45X2 org.apache.spark:spark-core_2.10 and org.apache.spark:spark-core_2.11 Improper Authentication vulnerability
From version 1.3.0 onward, Apache Spark's standalone master exposes a REST API for job submission, in addition to the submission mechanism used by spark-submit. In standalone, the config property 'spark.authenticate.secret' establishes a shared secret for authenticating requests to submit jobs vi...
openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-1)
The SSL-renegotiation 'authentication gap' has been fixed in gnutls. CVE-2009-3555 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update gnutls-3388. The text...
SuSE9 Security Update : GnuTLS (YOU Patch Number 12705)
The SSL-renegotiation 'authentication gap' has been fixed in GnuTLS. CVE-2009-3555 Also a integer size issue was fixed which lead to incorrectly accepted certificates. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
SuSE 10 Security Update : GnuTLS (ZYPP Patch Number 7299)
The SSL-renegotiation 'authentication gap' has been fixed in GnuTLS. CVE-2009-3555 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid51748; scriptversion"1.11";...
SuSE 11 / 11.1 Security Update : GnuTLS (SAT Patch Numbers 3650 / 3651)
The SSL-renegotiation 'authentication gap' has been fixed in GnuTLS. CVE-2009-3555 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...