
737 matches found

RedHat Linux
added 2021/08/11 6:39 a.m., 95 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.7.23 security update

Red Hat OpenShift Container Platform release 4.7.23 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which...

CVSS 8.6, AI score 6.7, EPSS 0.03478
Exploits: 0, References: 12

RedHat Linux
added 2021/08/10 7:52 a.m., 146 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.8.4 bug fix and security update

Red Hat OpenShift Container Platform release 4.8.4 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a...

CVSS 7.5, AI score 6.7, EPSS 0.07032
Exploits: 5, References: 8

NVD
added 2021/08/03 11:15 p.m., 13 views

CVE-2021-32813

Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.4.13, there exists a potential header vulnerability in Traefik's handling of the Connection header. Active exploitation of this issue is unlikely, as it requires that a removed header would lead to a privilege escalation,...

CVSS 8.1, EPSS 0.011
Exploits: 0, References: 3

Cvelist
added 2021/08/02 11:45 p.m., 18 views

CVE-2021-21553

Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability. Under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of Compliance mode. This is a critical vulnerability and Dell recommends upgrading at the earliest...

CVSS 7.3, AI score 8.9, EPSS 0.00222
Exploits: 0, References: 1

OSV
added 2021/08/02 10:15 p.m., 18 views

CVE-2021-32787

Sourcegraph is a code search and navigation engine. Sourcegraph before version 3.30.0 has two potential information leaks. The site-admin area can be accessed by regular users and all information and features are properly protected except for daily usage statistics and code intelligence uploads a...

CVSS 4.3, AI score 6.7, EPSS 0.00649
Exploits: 0, References: 2

CVE
added 2021/08/02 10:00 p.m., 49 views

CVE-2021-32787

CVE-2021-32787 affects Sourcegraph before version 3.30.0. The vulnerability exposes information in the site-admin area to regular users, leaking daily usage statistics and code intelligence uploads/indexes while not allowing alteration of other features. The root cause is improper access to site-...

CVSS 4.3, AI score 4.3, EPSS 0.00649
Exploits: 0, References: 2, Affected Software: 1

OSV
added 2021/07/26 4:15 p.m., 23 views

CVE-2021-32789

woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be...

CVSS 7.5, AI score 7.6
Exploits: 0, References: 5

Prion
added 2021/07/20 12:15 a.m., 15 views

Design/Logic Flaw

Racket is a general-purpose programming language and an ecosystem for language-oriented programming. In versions prior to 8.2, code evaluated using the Racket sandbox could cause system modules to incorrectly use attacker-created modules instead of their intended dependencies. This could allow...

CVSS 5, AI score 7.6, EPSS 0.00869
Exploits: 0, References: 2, Affected Software: 1

IBM Security Bulletins
added 2021/07/19 12:21 p.m., 37 views

Security Bulletin: Vulnerabilities in Docker affect IBM Cloud Pak System

Summary: Vulnerabilities were identified within Docker shipped as pType component with Cloud Pak System Software. IBM Cloud Pak System Software addressed these vulnerabilities. Vulnerability Details: CVEID: CVE-2021-21285 DESCRIPTION: Docker is vulnerable to a denial of service, caused by improper...

CVSS 6.8, AI score 1.2, EPSS 0.03287
Exploits: 0, Affected Software: 1

OSV
added 2021/07/12 1:15 p.m., 22 views

CVE-2021-32678

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, ratelimits are not applied to OCS API responses. This affects any OCS API controller (OCSController) using the @BruteForceProtection annotation. Risk depends on the installed...

CVSS 5.3, AI score 6.7
Exploits: 0, References: 6

Tenable Nessus
added 2021/07/06 12:00 a.m., 62 views

RHEL 7 / 8 : OpenShift Container Platform 4.7.19 (RHSA-2021:2555)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2555 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

CVSS 7.8, AI score 8.4, EPSS 0.22193
Exploits: 38, References: 7

NVD
added 2021/07/01 5:15 p.m., 17 views

CVE-2021-32729

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A vulnerability exists in versions prior to 12.6.88, 12.10.4, and 13.0. The script service method used to reset the authentication failures record can be executed by any user with Script right...

CVSS 5.5, EPSS 0.00499
Exploits: 0, References: 2

IBM Security Bulletins
added 2021/06/03 4:41 p.m., 19 views

Security Bulletin: TLS padding vulnerability affects Informix Client Software Development Kit (CSDK) (CVE-2014-8730)

Summary: Informix Client Software Development Kit (CSDK) can be affected by a TLS (Transport Layer Security) padding vulnerability which can allow a remote attacker to obtain sensitive information. Vulnerability Details: The following vulnerability affects IBM Informix Client Software Development Kit...

CVSS 4.3, AI score 4.4, EPSS 0.1372
Exploits: 0, Affected Software: 1

Cvelist
added 2021/05/28 5:00 p.m., 20 views

CVE-2021-32637 Authentication bypassed with malformed request URI

Authelia is a single sign-on multi-factor portal for web apps. This affects users who are using nginx ngx_http_auth_request_module with Authelia; it allows a malicious individual who crafts a malformed HTTP request to bypass the authentication mechanism. It additionally could theoretically affect...

CVSS 10, AI score 9.9, EPSS 0.01868
Exploits: 1, References: 2

IBM Security Bulletins
added 2021/05/24 12:08 p.m., 35 views

Security Bulletin: Ansible vulnerability affects IBM Elastic Storage System (CVE-2021-20228)

Summary: Ansible, which is used in IBM Elastic Storage System, could allow a local authenticated attacker to obtain sensitive information. Vulnerability Details: CVEID: CVE-2021-20228 DESCRIPTION: Ansible Engine could allow a local authenticated attacker to obtain sensitive information, caused by...

CVSS 7.5, AI score 2, EPSS 0.02043
Exploits: 0, Affected Software: 1

Veeam
added 2021/05/18 12:00 a.m., 118 views

Upgrading/Uninstalling Veeam Backup & Replication fails with "Error 1327. Invalid Drive: [a-z]:\" or "Warning 1327. Invalid Drive [a-z]:\"

Challenge: While upgrading or uninstalling Veeam Backup & Replication, the installer stops and displays either of the following messages: "Warning 1327. Invalid Drive: F:\" or "Error 1327. Invalid Drive: F:\". Note: The drive letter in the message may be any drive letter. Cause: The settings in t...

AI score 6.8
Exploits: 0, Affected Software: 1

OSV
added 2021/04/20 7:15 p.m., 22 views

CVE-2021-29459

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible to persistently inject scripts in XWiki versions prior to 12.6.3 and 12.8. Unregistered users can fill simple text fields. Registered users can fill in their personal information...

CVSS 6.1, AI score 6.5
Exploits: 0, References: 1

RedHat Linux
added 2021/04/20 6:22 p.m., 129 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.7.7 security update

Red Hat OpenShift Container Platform release 4.7.7 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a...

CVSS 7.1, AI score 6.8, EPSS 0.01587
Exploits: 1, References: 3

Tenable Nessus
added 2021/04/20 12:00 a.m., 81 views

RHEL 7 / 8 : OpenShift Container Platform 4.7.7 (RHSA-2021:1150)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1150 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

CVSS 7.1, AI score 7.4, EPSS 0.01587
Exploits: 1, References: 6

RedHat Linux
added 2021/04/05 1:18 p.m., 86 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.7.5 security and bug fix update

Red Hat OpenShift Container Platform release 4.7.5 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which...

CVSS 8.6, AI score 6.6, EPSS 0.03478
Exploits: 0, References: 3