1072 matches found
CVE-2023-31459
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6.2208.101 and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because the initial installation does not enforce a password...
CVE-2023-31459
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6.2208.101 and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because the initial installation does not enforce a password...
CVE-2023-31458
Summary of CVE-2023-31458 (Mitel MiVoice Connect Edge Gateway) : The Edge Gateway component in MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and earlier allows an unauthenticated attacker with internal network access to authenticate with administrative privileges because the initial installati...
CVE-2023-31459
CVE-2023-31459 affects Mitel MiVoice Connect’s Connect Mobility Router component, in versions 9.6.2208.101 and earlier. The root cause is that initial installation does not enforce a password change, allowing an unauthenticated attacker with internal network access to authenticate with administra...
USN-6073-9: os-brick regression
USN-6073-4 fixed a vulnerability in os-brick. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that...
USN-6073-8: Nova regression
USN-6073-3 fixed a vulnerability in Nova. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Nova...
USN-6073-6: Cinder regression
USN-6073-1 fixed a vulnerability in Cinder. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that...
CVE-2022-47320
The iBoot device’s basic discovery protocol assists in initial device configuration. The discovery protocol shows basic information about devices on the network and allows users to perform configuration changes...
CVE-2022-47320
The iBoot device’s basic discovery protocol assists in initial device configuration. The discovery protocol shows basic information about devices on the network and allows users to perform configuration changes...
CVE-2022-47320 CVE-2022-47320
The iBoot device’s basic discovery protocol assists in initial device configuration. The discovery protocol shows basic information about devices on the network and allows users to perform configuration changes...
CVE-2022-47320 CVE-2022-47320
The iBoot device’s basic discovery protocol assists in initial device configuration. The discovery protocol shows basic information about devices on the network and allows users to perform configuration changes...
PT-2023-15239 · Apple · Iboot
Name of the Vulnerable Software and Affected Versions: iBoot affected versions not specified Description: The issue concerns the iBoot device's basic discovery protocol, which is used for initial device configuration. This protocol displays basic information about devices on the network and allow...
USN-6073-5: Nova regression
USN-6073-3 fixed a vulnerability in Nova. The update introduced a regression causing Nova to be unable to detach volumes from instances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly...
Ubuntu: Security Advisory (USN-6073-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6073-4: os-brick vulnerability
Jan Wasilewski and Gorka Eguileor discovered that os-brick incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see...
USN-6073-3: Nova vulnerability
Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the...
USN-6073-2 python-glance-store vulnerability
Jan Wasilewski and Gorka Eguileor discovered that Glancestore incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please s...
USN-6073-1: Cinder vulnerability
Jan Wasilewski and Gorka Eguileor discovered that Cinder incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see th...
Access bypass in Drupal core
The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...
GHSA-8849-CV9F-VCCM Access bypass in Drupal core
The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your...