Huawei HarmonyOS Security Vulnerability
Huawei HarmonyOS is an operating system from Huawei (China). It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a configuration flaw in a module. Successful exploitation of the vulnerability could...
CVE-2021-32402
Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross-Site Request Forgery (CSRF) due to lack of validation and insecure configurations in inputs and modules...
Debian DLA-2583-1 : activemq security update
Multiple security issues were discovered in activemq, a message broker built around Java Message Service. CVE-2017-15709: When using the OpenWire protocol in activemq, it was found that certain system details such as the OS and kernel version are exposed as plain text. CVE-2018-11775: TLS hostname...
OESA-2021-1024 p11-kit security update
Provides a way to load and enumerate PKCS11 modules. Provides a standard configuration setup for installing PKCS11 modules in such a way that they're discoverable. Also solves problems with coordinating the use of PKCS11 by different components or libraries living in the same process...
Atlassian Jira Gantt-Chart Information Disclosure Vulnerability
Atlassian Jira is a defect tracking management system from Atlassian (Australia). Gantt-Chart is a project management module for tracking and managing all types of issues and defects in the workplace. A security vulnerability exists in Atlassian Jira Gantt-Chart prior to version 5.5.4, which stems...
CVE-2018-18246
Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module, or via /icingaweb2/config/moduleenable?name=setup to enable the setup module...
Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2011-2024)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2024 advisory. - inetdiag: fix inetdiagbcaudit Eric Dumazet CVE-2011-2213 - net gre: fix netns vs proto registration ordering CVE-2011-1767 - net tunnels: fix netns v...
WordPress Core 2.0 < 2.7.1 - 'admin.php' Module Configuration Security Bypass
An attacker can exploit this issue via a browser. The following example URIs are available: http://www.example.com/wp-admin/admin.php?page=/collapsing-archives/options.txt http://www.example.com/wp-admin/admin.php?page=akismet/readme.txt...