CVE-2020-15325

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication...

CVE-2020-15325

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication...

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication...

Improper Certificate Validation

Apache Pulsar is vulnerable to improper certificate validation. The vulnerability exists due to man in the middle attacks in intra-cluster connections and geo-replication connections which allows an attacker to take control of a machine between the client and the server...

Apache Pulsar Trust Management Issues Vulnerability

Apache Pulsar is the United States Apache Apache Foundation for cloud environments, set of messages, storage, lightweight functional computing as one of the distributed message flow platform. The software supports multi-tenancy, persistent storage, multi-machine room cross-region data replication...

Apache Pulsar Trust Management Issue Vulnerability

Apache Pulsar is an Apache Foundation distributed messaging platform for cloud environments that integrates messaging, storage, and lightweight functional computing. The software supports multi-tenancy, persistent storage, multi-room cross-regional data replication, and highly scalable streaming...

VMware Cloud Director 10.4 Compatibility Patches

Hotfix for Veeam Backup & Replication 11.0.1.1261 P20230227 The hotfix on this article has been rebuilt as of 2023-11-24 to be compatible only with Veeam Backup & Replication build 11.0.1.1261 P20230227. This is the second such rebuild; the last rebuild was on 2023-03-16. Note: If an older versio...

Security Bulletin: Directory listing vulnerability in IBM InfoSphere Data Replication Dashboard (CVE-2012-4861)

Abstract InfoSphere Data Replication Dashboard includes a web server that can be used to list specific directories under the dashboard web application. Content VULNERABILITY DETAILS: CVE ID: CVE-2012-4861 DESCRIPTION: It is possible to retrieve a directory listing by sending a request for specifi...

[SECURITY] Fedora 37 Update: redis-7.0.5-1.fc37

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

Security Bulletin: IBM InfoSphere Data Replication Dashboard Username Enumeration (CVE-2013-0584)

Abstract A remote, unauthenticated user can enumerate a list of InfoSphere Data Replication Dashboard user accounts including which accounts do not require a password. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0584 CVSS: CVSS Base Score: 5 CVSS Temporal Score: See for the current score CVSS...

Security Bulletin: Denial of service in IBM InfoSphere Data Replication Dashboard (CVE-2011-4461)

Abstract InfoSphere Data Replication Dashboard includes Jetty which has a known security vulnerability that can lead to a denial of service. Content VULNERABILITY DETAILS: CVE ID: CVE-2011-4461 DESCRIPTION: An attacker, using specially crafted HTTP requests, can cause up to 100% CPU usage,...

Security Bulletin: Multiple vulnerabilities in IBM JRE affect InfoSphere Data Replication Dashboard (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract The IBM JRE embedded in the InfoSphere Data Replication Dashboard has security vulnerabilities that affect SSL connections to the dashboard web server. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0440 DESCRIPTION: An unspecified vulnerability allows remote attackers to affect...

Security Bulletin: InfoSphere Replication Dashboard is affected by a vulnerability in the IBM JRE (CVE-2013-5780)

Abstract An unspecified vulnerability in IBM Java related to the Libraries component could allow a remote attacker to obtain sensitive information. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-5780 CVSS: CVSS Base Score: 4.3 CVSS Temporal Score: See...

Security Bulletin: InfoSphere Data Replication Dashboard is affected by a vulnerability in the IBM JRE (CVE-2013-0169)

Abstract The IBM JRE that is embedded in the InfoSphere Data Replication Dashboard has a security vulnerability that affects SSL connections to the dashboard web server. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0169 DESCRIPTION: The TLS protocol does not properly consider timing side-chann...

Security Bulletin: Multiple Vulnerabilities affect InfoSphere Data Replication Dashboard (CVE-2013-2999, CVE-2013-3001, CVE-2013-3000)

Abstract The InfoSphere Data Replication Dashboard has been affected by multiple vulnerabilities. See description of CVE-2013-2999, CVE-2013-3001, and CVE-2013-3000 below. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-2999 DESCRIPTION: The Infosphere Data Replication Dashboard for mobile device...

GHSA-J3QW-G67Q-7M64 Apache Pulsar Brokers and Proxies vulnerable to Improper Certificate Validation

Apache Pulsar Brokers and Proxies create an internal Pulsar Admin Client that does not verify peer TLS certificates, even when tlsAllowInsecureConnection is disabled via configuration. The Pulsar Admin Client's intra-cluster and geo-replication HTTPS connections are vulnerable to man in the middl...

GHSA-JVF3-MFXV-JCQR Apache Pulsar Broker, Proxy, and WebSocket Proxy vulnerable to Improper Certificate Validation

TLS hostname verification cannot be enabled in the Pulsar Broker's Java Client, the Pulsar Broker's Java Admin Client, the Pulsar WebSocket Proxy's Java Client, and the Pulsar Proxy's Admin Client leaving intra-cluster connections and geo-replication connections vulnerable to man in the middle...

Design/Logic Flaw

TLS hostname verification cannot be enabled in the Pulsar Broker's Java Client, the Pulsar Broker's Java Admin Client, the Pulsar WebSocket Proxy's Java Client, and the Pulsar Proxy's Admin Client leaving intra-cluster connections and geo-replication connections vulnerable to man in the middle...

Virtuozzo Hybrid Infrastructure 5.2 Update 1 (5.2.1-57)

This update provides full support for Authorization Code Flow, as well as bug fixes and improvements. Vulnerability id: VSTOR-57337 It is impossible to set the disk role to "Unassigned" while joining a node to the cluster. Vulnerability id: VSTOR-57187 Unable to add an iSCSI target with multiple...

mysql: Server: Replication unspecified vulnerability (CPU Apr 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...