3787 matches found
CVE-2023-37948
Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16 and earlier does not validate SSH host keys when connecting OCI clouds, enabling man-in-the-middle attacks...
CVE-2023-37948
CVE-2023-37948 affects the Jenkins Oracle Cloud Infrastructure Compute Plugin (versions up to 1.0.16). The root cause is missing SSH host key validation when connecting to OCI clouds, enabling potential man-in-the-middle attacks. Impact is limited to the plugin’s inability to validate host keys; ...
CVE-2023-37948
Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16 and earlier does not validate SSH host keys when connecting OCI clouds, enabling man-in-the-middle attacks...
PT-2023-26195 · Oracle +1 · Jenkins Oracle Cloud Infrastructure Compute Classic Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Oracle Cloud Infrastructure Compute Plugin versions 1.0.16 and earlier Description: The issue concerns the lack of SSH host key validation when connecting to OCI clouds, which could enable man-in-the-middle attacks. This allows for th...
Jenkins Plugin Oracle Cloud Infrastructure Compute 输入验证错误漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin Oracle Clo...
Intel® NUC Laptop Kit Advisory
Summary: Potential security vulnerabilities in some Intel® NUC Laptop Kits may allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-28858 Description: Improper buffer restriction in the firmware for...
Virtuozzo Hybrid Infrastructure 5.4 Update 3 (5.4.3-100)
In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover core storage, the system configuration, updates, documentation, and the compute services. Additionally, this release delivers stability improvements and addresses issues found in previous releases...
Virtuozzo Hybrid Infrastructure 5.4 Update 2 Hotfix 1 (5.4.2-66)
This update provides important improvements for the core storage and compute services. Vulnerability id: VSTOR-69329 The compute networking service may get stuck after an update to version 5.4 Update 2. Vulnerability id: VSTOR-66925, VSTOR-68759, VSTOR-69819 Important stability improvements...
CVE-2023-34111
The Release PR Merged workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of $ github.event.pullrequest.title in a bash command within the GitHub...
Command injection
The Release PR Merged workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of $ github.event.pullrequest.title in a bash command within the GitHub...
CVE-2023-34111
The Release PR Merged workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of $ github.event.pullrequest.title in a bash command within the GitHub...
PT-2023-3692 · Hitachi · Hitachi Device Manager +4
Name of the Vulnerable Software and Affected Versions: Hitachi Device Manager versions prior to 8.8.5-02 Hitachi Tiered Storage Manager versions prior to 8.8.5-02 Hitachi Replication Manager versions prior to 8.8.5-02 Hitachi Tuning Manager versions prior to 8.8.5-02 Hitachi Compute Systems Manag...
Unleash Spring apps in a flex environment with Azure Spring Apps Consumption and Dedicated plans
In March, we introduced the Consumption pricing plan for Azure Spring Apps allowing you to start from zero and scale to zero vCPU. Today, we are thrilled to announce the public preview of the Standard Dedicated plan! The Standard Dedicated plan provides a fully managed, dedicated environment for...
freeradius: Information leakage in EAP-PWD
In freeradius, the EAP-PWD function computepasswordelement leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack...
USN-6073-5: Nova regression
USN-6073-3 fixed a vulnerability in Nova. The update introduced a regression causing Nova to be unable to detach volumes from instances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly...
USN-6073-3: Nova vulnerability
Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the...
CVE-2022-36339
Improper input validation in firmware for IntelR NUC 8 Compute Element, IntelR NUC 11 Compute Element, IntelR NUC 12 Compute Element may allow a privileged user to enable escalation of privilege via local access...
CVE-2022-32582
Improper access control in firmware for some IntelR NUC Boards, IntelR NUC 11 Performance Kit, IntelR NUC 11 Performance Mini PC, IntelR NUC Pro Compute Element may allow a privileged user to potentially enable denial of service via local access...
Input validation
Improper input validation in BIOS firmware for some IntelR NUC 9 Extreme Laptop Kits, IntelR NUC Performance Kits, IntelR NUC Performance Mini PC, IntelR NUC 8 Compute Element, IntelR NUC Pro Kit, IntelR NUC Pro Board, and IntelR NUC Compute Element may allow a privileged user to potentially enab...
Virtuozzo Hybrid Infrastructure 5.4 Update 2 (5.4.2-58)
In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover the compute services, core and object storage, integrations, monitoring and alerts. Additionally, this release delivers stability improvements and addresses issues found in previous releases. Vulnerabilit...