4200 matches found
CLSA-2024-1722527236 Fix CVE(s): CVE-2021-3733
SECURITY UPDATE: Regular Expression Denial of Service - debian/patches/CVE-2021-3733.patch: Fix ReDoS vulnerability in AbstractBasicAuthHandler class of Lib/urllib2.py - CVE-2021-3733...
CVE-2024-41693
Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS...
CVE-2024-41693
Mashov (an Israeli instructional management system) has a Cross-Site Scripting (XSS) flaw: CWE-80 due to improper neutralization of script-related HTML tags in web pages. The CVE-2024-41693 entry notes a basic XSS risk with CVSSv3.1 base score 6.1 (NETWORK, UI required, no privileges, changed sco...
CVE-2024-41693 Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS...
CVE-2024-41693 Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS...
DEBIAN-CVE-2024-42111
In the Linux kernel, the following vulnerability has been resolved: btrfs: always do the basic checks for btrfsqgroupinherit structure BUG Syzbot reports the following regression detected by KASAN: BUG: KASAN: slab-out-of-bounds in btrfsqgroupinherit+0x42e/0x2e20 fs/btrfs/qgroup.c:3277 Read of si...
CVE-2024-42111
In the Linux kernel, the following vulnerability has been resolved: btrfs: always do the basic checks for btrfsqgroupinherit structure BUG Syzbot reports the following regression detected by KASAN: BUG: KASAN: slab-out-of-bounds in btrfsqgroupinherit+0x42e/0x2e20 fs/btrfs/qgroup.c:3277 Read of si...
Malicious code in hello-world-installer-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 aef5897e3e41898c7d14d6acf00254f63adbd159b1a9cc9adba26603edee668c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in manoj3121pip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ca36f3207b39f83d096054f521bd3dbbedf899c5f9d9e0fa494b6c216b56d481 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
CVE-2024-40636 Basic Auth Credential Leakage to Logs After Fetch Registry Error in Steeltoe.Discovery.Eureka with Peer Awareness
Steeltoe is an open source project that provides a collection of libraries that helps users build production-grade cloud-native applications using externalized configuration, service discovery, distributed tracing, application management, and more. When utilizing multiple Eureka server service UR...
CVE-2024-40636 Basic Auth Credential Leakage to Logs After Fetch Registry Error in Steeltoe.Discovery.Eureka with Peer Awareness
Steeltoe is an open source project that provides a collection of libraries that helps users build production-grade cloud-native applications using externalized configuration, service discovery, distributed tracing, application management, and more. When utilizing multiple Eureka server service UR...
CVE-2024-40636 Basic Auth Credential Leakage to Logs After Fetch Registry Error in Steeltoe.Discovery.Eureka with Peer Awareness
Steeltoe is an open source project that provides a collection of libraries that helps users build production-grade cloud-native applications using externalized configuration, service discovery, distributed tracing, application management, and more. When utilizing multiple Eureka server service UR...
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File when utilizing multiple Eureka server service URLs with basic auth and encountering an issue with fetching the service registry. An attacker can gain access to credentials by examining th...
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File when utilizing multiple Eureka server service URLs with basic auth and encountering an issue with fetching the service registry. An attacker can gain access to credentials by examining th...
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File when utilizing multiple Eureka server service URLs with basic auth and encountering an issue with fetching the service registry. An attacker can gain access to credentials by examining th...
CVE-2024-6435
A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with administrative level privileges. If exploited, an attacker could read sensitive data, and create users. Fo...
CVE-2024-6435
A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with administrative level privileges. If exploited, an attacker could read sensitive data, and create users. Fo...
Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer
An advanced persistent threat APT group called Void Banshee has been observed exploiting a recently disclosed security flaw in the Microsoft MHTML browser engine as a zero-day to deliver an information stealer called Atlantida. Cybersecurity firm Trend Micro, which observed the activity in mid-Ma...
PT-2024-37624 · Rockwell Automation · Pavilion8
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A privilege escalation issue exists in the affected products, allowing a malicious user with basic privileges to access functions that should only be...
Xenserver Configuration: Comprehensive Guide
Introduction This article will direct you to resources that provide guidance on configuring basic pools for XenServer Top Knowledge Content Basic Configuration guide for a XenServer Pool CTX128391 - How to Remove a Server from a XenServer Pool that Contains Only One Host CTX216127 - How to change...