3406 matches found

IBM Security Bulletins
added 2024/06/28 12:43 p.m. | 32 views

Security Bulletin: A vulnerability in urllib3 affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the urllib3 package has been addressed. Vulnerability Details CVEID:CVE-2019-11236 DESCRIPTION: Python urllib3 is vulnerable to CRLF injection, caused by improper validation of user-supplied input by the request parameter. By sending a specially-crafted HTTP response...

CVSS 6.1 | AI score 6.8 | EPSS 0.02056
Exploits: 1 | Affected Software: 1
IBM Security Bulletins
added 2024/06/28 12:42 p.m. | 21 views

Security Bulletin: A vulnerability in containerd affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the containerd package has been addressed. Vulnerability Details CVEID:CVE-2022-31030 DESCRIPTION: containerd is vulnerable to a denial of service, caused by a flaw in the CRI implementation. By sending a specially-crafted request using the ExecSync API, a local...

CVSS 5.5 | AI score 5.7 | EPSS 0.00377
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2024/06/28 12:42 p.m. | 22 views

Security Bulletin: A vulnerability in containerd affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the containerd package has been addressed. Vulnerability Details CVEID:CVE-2022-23471 DESCRIPTION: containerd is vulnerable to a denial of service, caused by a flaw in the CRI implementation. By sending a specially-crafted request, a remote authenticated attacker could...

CVSS 6.5 | AI score 6.2 | EPSS 0.01022
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2024/06/28 12:41 p.m. | 32 views

Security Bulletin: A vulnerability in Go affects Data Replication on Cloud Pak for Data

Summary A vulnerability in the package Go has been addressed. Vulnerability Details CVEID:CVE-2022-41725 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when performing multipart form parsing with mime/multipart.Reader.ReadForm. By sending a specially-crafted request, a...

CVSS 7.5 | AI score 8.4 | EPSS 0.01231
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2024/06/28 12:40 p.m. | 18 views

Security Bulletin: InfoSphere Data Replication is affected by a guava package vulnerability (CVE-2023-2976)

Summary InfoSphere Data Replication uses the guava package. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw wit...

CVSS 7.1 | AI score 6 | EPSS 0.00248
Exploits: 0 | Affected Software: 1
RedHat Linux
added 2024/06/26 7:30 p.m. | 22 views

Moderate: Red Hat Security Advisory: VolSync 0.9.2 for RHEL 9

VolSync v0.9.2 general availability release images provide the following: enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

CVSS 7.5 | AI score 6.7 | EPSS 0.01262
Exploits: 0 | References: 4
OSSF Malicious Packages
added 2024/06/25 1:48 p.m. | 6 views

Malicious code in ar_octopus-replication-tracking (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

AI score 7
Exploits: 0 | References: 1
OSV
added 2024/06/25 1:48 p.m. | 10 views

MAL-2024-6667 Malicious code in ar_octopus-replication-tracking (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

AI score 7.1
Exploits: 0 | References: 1
Fedora
added 2024/06/18 1:14 a.m. | 25 views

[SECURITY] Fedora 39 Update: galera-26.4.18-1.fc39

Galera is a fast synchronous multimaster wsrep provider replication engine for transactional databases and similar applications. For more information about wsrep API see https://github.com/codership/wsrep-API repository. For a description of Galera replication engine see...

CVSS 4.9 | AI score 5.5 | EPSS 0.00424
Exploits: 0
OpenVAS
added 2024/06/18 12:00 a.m. | 19 views

Fedora: Security Advisory (FEDORA-2024-d61bffd77f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 4.9 | AI score 5.6 | EPSS 0.00424
Exploits: 0 | References: 4
BDU FSTEC
added 2024/06/14 12:00 a.m. | 8 views

The vulnerability of the remote access and file replication server 12d Synergy Server, 12d Synergy File Replication Server, is related to the absence of quotation marks in the names of elements or search paths. This allows attackers to exploit this flaw to gain higher privileges.

The vulnerability of the remote access and file replication server 12d Synergy Server lies in the absence of quotation marks in the names of elements or search paths. Exploiting this vulnerability can allow a malicious actor to gain increased privileges...

CVSS 9 | AI score 5.5 | EPSS 0.00609
Exploits: 0 | References: 5 | Affected Software: 2
CNVD
added 2024/06/14 12:00 a.m. | 5 views

Unspecified Vulnerability in SAP Replication Server (CNVD-2024-27893)

SAP LT Replication Server is a solution from SAP Germany. A security vulnerability exists in SAP Replication Server, which can be exploited by an attacker to execute certain commands against RSSD using the gateway, potentially resulting in memory corruption...

CVSS 4.9 | AI score 7.3 | EPSS 0.00538
Exploits: 0 | References: 1
Veeam
added 2024/06/13 12:00 a.m. | 15 views

Option to Add Veeam Kasten for Kubernetes Does Not Appear in Veeam Backup & Replication

Challenge When attempting to add Veeam Kasten for Kubernetes to Veeam Backup & Replication, the option for Kasten does not appear in the Add Server options. Cause This issue may occur if: The Veeam Kubernetes Service is not running and needs to be started. The Kasten Plug-In is not installed. Thi...

AI score 6.8
Exploits: 0 | Affected Software: 1
GitHub Security Blog
added 2024/06/12 3:31 p.m. | 43 views

Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions

It was identified that if a cross-cluster API key (https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body) restricts search for a given index using the query or the field_security parameter, an...

CVSS 6.5 | AI score 7 | EPSS 0.00456
Exploits: 0 | References: 3 | Affected Software: 1
NVD
added 2024/06/12 2:15 p.m. | 42 views

CVE-2024-23445

It was identified that if a cross-cluster API key (https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body) restricts search for a given index using the query or the field_security parameter, an...

CVSS 6.5 | EPSS 0.00456
Exploits: 0 | References: 1
OSV
added 2024/06/12 2:15 p.m. | 17 views

CVE-2024-23445

It was identified that if a cross-cluster API key (https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body) restricts search for a given index using the query or the field_security parameter, an...

CVSS 6.5 | AI score 6.6
Exploits: 0 | References: 1
OSV
added 2024/06/12 2:15 p.m. | 2 views

UBUNTU-CVE-2024-23445

It was identified that if a cross-cluster API key (https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body) restricts search for a given index using the query or the field_security parameter, an...

CVSS 6.5 | AI score 7 | EPSS 0.00456
Exploits: 0 | References: 3
CVE
added 2024/06/12 1:58 p.m. | 328 views

CVE-2024-23445

CVE-2024-23445 affects Elasticsearch remote-cluster API key security model (GA 8.14.0). The issue: a cross-cluster API key that restricts index search via query or field_security and also grants replication for the same index may not enforce search restrictions during cross-cluster search, potent...

CVSS 6.5 | AI score 6.5 | EPSS 0.00456
Exploits: 0 | References: 1 | Affected Software: 1
Fedora
added 2024/06/10 1:28 a.m. | 26 views

[SECURITY] Fedora 40 Update: galera-26.4.18-1.fc40

Galera is a fast synchronous multimaster wsrep provider replication engine for transactional databases and similar applications. For more information about wsrep API see https://github.com/codership/wsrep-API repository. For a description of Galera replication engine see...

CVSS 4.9 | AI score 5.5 | EPSS 0.00424
Exploits: 0
OpenVAS
added 2024/06/10 12:00 a.m. | 19 views

Fedora: Security Advisory for galera (FEDORA-2024-6ea93e629b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 4.9 | AI score 5.7 | EPSS 0.00424
Exploits: 0 | References: 2