44 matches found
CVE-2022-43916 IBM App Connect Enterprise Certified Container improper communications restriction
IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure...
PT-2025-1368 · Ibm · Ibm App Connect Enterprise Certified Container
Name of the Vulnerable Software and Affected Versions: IBM App Connect Enterprise Certified Container versions 7.1 through 12.7 Description: The issue concerns the IBM App Connect Enterprise Certified Container, where Pods used for internal infrastructure do not restrict network egress. This coul...
IBM App Connect Enterprise Certified Container 安全漏洞
IBM App Connect Enterprise Certified Container is an image based on the IBM App Connect Enterprise software product from International Business Machines IBM. The package is provided as an executable file that can be deployed and run in a containerized environment. A security vulnerability exists ...
Kali Linux 2023.4 - Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2023.4. This release has various impressive updates. The summary of the changelog since the 2023.3 release from August is: Cloud ARM64 - Now marketplaces on Amazon AWS and Microsoft Azure have ARM64 option Vagrant Hyper-V - Our Vagrant offering...
Kali Linux 2023.3 - Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2023.3. This release has various impressive updates. The highlights of the changelog since the 2023.2 release from May: Internal Infrastructure - Major stack changes is under way Kali Autopilot - The automation attack framework has had an major...
SUSE CVE-2021-21273
Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, requests to user provided domains were not restricted to external IP addresses when calculating the key...
SUSE CVE-2021-21392
Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6...
CVE-2022-29564
Jamf Private Access before 2022-05-16 has Incorrect Access Control, in which an unauthorized user can reach a system in the internal infrastructure, aka WND-44801...
CVE-2022-29564
Jamf Private Access before 2022-05-16 has Incorrect Access Control, in which an unauthorized user can reach a system in the internal infrastructure, aka WND-44801...
Design/Logic Flaw
Jamf Private Access before 2022-05-16 has Incorrect Access Control, in which an unauthorized user can reach a system in the internal infrastructure, aka WND-44801...
CVE-2022-29564
Jamf Private Access before 2022-05-16 has Incorrect Access Control, in which an unauthorized user can reach a system in the internal infrastructure, aka WND-44801...
CVE-2021-20025: SonicWall Email Security Appliance Backdoor Credential
The virtual, on-premises version of the SonicWall Email Security Appliance ships with an undocumented, static credential, which can be used by an attacker to gain root privileges on the device. This is an instance of CWE-798: Use of Hard-coded Credentials, and has an estimated CVSSv3 score of 9.1...
Open redirect via transitional IPv6 addresses on dual-stack networks
Impact Requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL...
DEBIAN-CVE-2021-21392
Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6...
PYSEC-2021-25
Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6...
Insecure Access Controls
matrix-synapse is vulnerable to authorization bypass. Requests to user provided domains were not restricted to external IP addresses when calculating the key validity for third-party invite events and sending push notifications, potentially resulting in Synapse to make requests to the internal...
DEBIAN-CVE-2021-21273
Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, requests to user provided domains were not restricted to external IP addresses when calculating the key...
CVE-2021-21273
Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, requests to user provided domains were not restricted to external IP addresses when calculating the key...
CVE-2021-21273
Synapse (matrix-synapse, Python/pypi) contains a vulnerability in versions before 1.25.0 where requests to user-provided domains were not restricted to external IPs when computing the key validity for third-party invite events and push notifications. This could allow requests to internal infrastr...
Server-Side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-Side Request Forgery SSRF via the download feature. This allows attackers to provide DNS entries or IP addresses that are intended for internal use and gather information about the Intranet infrastructure of the platform...