IBM HTTP Server 6.1.0.0 <= 6.1.0.47 / 7.0.0.0 < 7.0.0.39 / 8.0.0.0 < 8.0.0.12 / 8.5.0.0 < 8.5.5.7 HTTP Request Smuggling (533835)

The version of IBM HTTP Server running on the remote host is affected by an HTTP request smuggling vulnerability related to Apache HTTP Server. The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers t...

CVE-2018-16243

SolarWinds Database Performance Analyzer DPA 11.1.468 and 12.0.3074 have several persistent XSS vulnerabilities, related to logViewer.iwc, centralManage.cen, userAdministration.iwc, database.iwc, alertManagement.iwc, eventAnnotations.iwc, and central.cen...

Fedora: Security Advisory for pam (FEDORA-2020-bd83344365)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2020:2232-1 Security update for rpmlint

This update for rpmlint fixes the following issues: - Whitelist PAM modules and DBUS rules for cockpit bsc1169614 This update was imported from the SUSE:SLE-15:Update update project. This update was imported from the openSUSE:Leap:15.2:Update update project...

CVE-2020-7549

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules see security notification for affected versions, that could cause denial of HTTP and FTP...

CVE-2020-7539

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules see security notification for affected versions, that could cause a denial of service...

CVE-2020-7540

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules see security notification for affected versions, that could cause unauthenticated command executio...

CVE-2020-7541

A CWE-425: Direct Request 'Forced Browsing' vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules see security notification for affected versions, that could cause disclosure of sensitive data when sending a...

Spoofing

A CWE-425: Direct Request 'Forced Browsing' vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules see security notification for affected versions, that could cause disclosure of sensitive data when sending a...

Design/Logic Flaw

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules see security notification for affected versions, that could cause denial of HTTP and FTP...

Authentication flaw

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules see security notification for affected versions, that could cause unauthenticated command executio...

CVE-2020-7541

A CWE-425: Direct Request 'Forced Browsing' vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules see security notification for affected versions, that could cause disclosure of sensitive data when sending a...

CVE-2020-7536

A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs BMXP34 versions prior to V3.30 Modicon M340 Communication Ethernet modules BMXNOE0100 H versions prior to V3.4 BMXNOE0110 H versions prior to V6.6 BMXNOR0200H all versions, that could cause th...

CVE-2020-7536

CVE-2020-7536 affects Schneider Electric Modicon M340: CPUs (BMXP34* pre-V3.30) and Ethernet modules BMXNOE0100(H) pre-V3.4, BMXNOE0110(H) pre-V6.6, BMXNOR0200H all versions. Root cause: CWE-754 Improper Check for Unusual or Exceptional Conditions, leading to device unreachability when SNMP param...

Security update for rpmlint (moderate)

openSUSE Security Update: Security update for rpmlint Announcement ID: openSUSE-SU-2020:2232-1 Rating: moderate References: 1169614 Affected Products: openSUSE Backports SLE-15-SP2 An update that contains security fixes can now be installed. Description: This update for rpmlint fixes the followin...

azureml-designer-recommender-modules (>=0.0.1 <=0.0.9), koncept (=0.2.1) +10 more potentially affected by CVE-2020-26266 via tensorflow-gpu (>=2.0.0 <=2.0.3)

tensorflow-gpu PYPI version =2.0.0, =0.0.1, =0.0.9 - koncept =0.2.1 - monk-cuda100 =0.0.1 - monk-cuda100-test =0.0.1 - monk-cuda101 =0.0.1 - monk-cuda101-test =0.0.1 - monk-keras-cuda100 =0.0.1 - monk-keras-cuda100-test =0.0.1 - monk-keras-cuda101 =0.0.1 - monk-keras-cuda101-test =0.0.1 -...

azureml-designer-recommender-modules (>=0.0.1 <=0.0.9), koncept (=0.2.1) +10 more potentially affected by CVE-2020-26270 via tensorflow-gpu (>=2.0.0 <=2.0.3)

tensorflow-gpu PYPI version =2.0.0, =0.0.1, =0.0.9 - koncept =0.2.1 - monk-cuda100 =0.0.1 - monk-cuda100-test =0.0.1 - monk-cuda101 =0.0.1 - monk-cuda101-test =0.0.1 - monk-keras-cuda100 =0.0.1 - monk-keras-cuda100-test =0.0.1 - monk-keras-cuda101 =0.0.1 - monk-keras-cuda101-test =0.0.1 -...

azureml-designer-recommender-modules (>=0.0.1 <=0.0.9), koncept (=0.2.1) +10 more potentially affected by CVE-2020-26271 via tensorflow-gpu (>=2.0.0 <=2.0.3)

tensorflow-gpu PYPI version =2.0.0, =0.0.1, =0.0.9 - koncept =0.2.1 - monk-cuda100 =0.0.1 - monk-cuda100-test =0.0.1 - monk-cuda101 =0.0.1 - monk-cuda101-test =0.0.1 - monk-keras-cuda100 =0.0.1 - monk-keras-cuda100-test =0.0.1 - monk-keras-cuda101 =0.0.1 - monk-keras-cuda101-test =0.0.1 -...

azureml-designer-recommender-modules (>=0.0.1 <=0.0.9), koncept (=0.2.1) +10 more potentially affected by CVE-2020-26267 via tensorflow-gpu (>=2.0.0 <=2.0.3)

tensorflow-gpu PYPI version =2.0.0, =0.0.1, =0.0.9 - koncept =0.2.1 - monk-cuda100 =0.0.1 - monk-cuda100-test =0.0.1 - monk-cuda101 =0.0.1 - monk-cuda101-test =0.0.1 - monk-keras-cuda100 =0.0.1 - monk-keras-cuda100-test =0.0.1 - monk-keras-cuda101 =0.0.1 - monk-keras-cuda101-test =0.0.1 -...

SUSE SLED15 / SLES15 Security Update : go1.15 (SUSE-SU-2020:2776-1)

go1.15 released 2020-08-11 Go 1.15 is a major release of Go. go1.15.x minor releases will be provided through August 2021. https://github.com/golang/go/wiki/Go-Release-Cycle Most changes are in the implementation of the toolchain, runtime, and libraries. As always, the release maintains the Go 1...