SUSE: Security Advisory (SUSE-SU-2020:0836-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in IBM Java SE affect IBM InfoSphere Identity Insight (CVE-2020-14782)

Summary In the Java used in IBM InfoSphere Identity Insight 9.0 and 9.1, an unspecified vulnerability related to the Libraries component could allow an unauthenticated attacker to cause low integrity impact. This vulnerability has no confidentiality impact or availability impact. Vulnerability...

SSL/TLS: BREACH attack against HTTP compression

SSL/TLS connections are vulnerable to the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.117414"...

What’s New in InsightVM: Q1 2021 in Review

Are you ready to return to the office? At many companies around the world, plans are being put into place for a phased workforce return to physical offices. With big moves come big changes, which inevitably reveal new vulnerabilities. For many across the security landscape, it’s as if hundreds of...

SUSE: Security Advisory (SUSE-SU-2017:3048-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:1076-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2248-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:3092-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0281-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2387-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for open-iscsi (openSUSE-SU-2021:0089-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM InfoSphere Identity Insight (CVE-2020-27221)

Summary Eclipse OpenJ9 used as part of IBM InfoSphere Identity Insight running on Linux or AIX is vulnerable to a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding. By sending an overly long string, a remote attacker coul...

Security Bulletin: IBM Network Performance Insight 1.3.1 was affected by CVE-2020-17516 in Apache Cassandra.

Summary IBM Network Performance Insight 1.3.1 was affected by CVE-2020-17516 in Apache Cassandra. Vulnerability Details CVEID: CVE-2020-17516 DESCRIPTION: Apache Cassandra could allow a remote attacker to bypass security restrictions, caused by not enforcing encryption setting on inbound internod...

Security Bulletin: Network Performance Insight 1.3.1 was affected by jackson-databind vulnerability (CVE-2020-35728)

Summary Network Performance Insight 1.3.1 was affected by jackson-databind vulnerability CVE-2020-35728 Vulnerability Details CVEID: CVE-2020-35728 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization...

Security Bulletin: IBM Network Performance Insight 1.3.1 was affected by CVE-2021-20190 because using older jackson-databind

Summary IBM Network Performance Insight 1.3.1 was affected by CVE-2021-20190 because using older jackson-databind Vulnerability Details CVEID: CVE-2021-20190 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe...

HPE Systems Insight Manager RCE (CVE-2020-7200)

Binary data hpesimcve-2020-7200.nbin...

Privilege Context Switching Error in Elasticsearch

Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documen...

Trend Micro 2020 Annual Cybersecurity Report

Reviewing the most important cybersecurity stories, issues, and trends that occurred over 2020, this annual report aims to equip security leaders with valuable insight and tools so they can focus on both protecting and enabling the organization...

Web vulnerabilities exploit weekly digest #1. March 8-15th 2021. VMware vCenter and Apache OFBiz RCE.

Welcome to the Wallarm weekly web exploits digest! Since this week, we will publish our weekly digests consists of web exploits with CVSS scores higher than 5. It will be followed by explanations, risks analysis, related stories and news. So, here we go! The most sophisticated and interesting...

Security Bulletin: Netcool Operations Insights - akora_config.json page caching header not set

Summary It was observed that the Netcool Operations Insights akoraconfig.json page caching header was not set in the node server. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- Netcoo...