EUVD-2022-32381

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-3871

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building ...

Linux Distros Unpatched Vulnerability : CVE-2016-8745

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 ...

CVE-2022-27893

The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0...

CVE-2022-27893

The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0...

Authentication flaw

The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0...

CVE-2022-27893 The Foundry Magritte plugin osisoft-pi-web-connector was found to be logging in a manner that captured authentication requests.

The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0...

CVE-2022-27893

The CVE-2022-27893 issue affects the Foundry Magritte plugin osisoft-pi-web-connector, specifically versions 0.15.0 through 0.43.0. The root cause involves logging that captured authentication requests, impacting confidentiality (per CVSS data), with a reported base score of 4.2 (Medium). The vul...

CVE-2022-27893 The Foundry Magritte plugin osisoft-pi-web-connector was found to be logging in a manner that captured authentication requests.

The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0...

PT-2022-18672 · Osisoft · Osisoft-Pi-Web-Connector

Name of the Vulnerable Software and Affected Versions: osisoft-pi-web-connector versions 0.15.0 through 0.43.0 Description: The Foundry Magritte plugin osisoft-pi-web-connector was found to be logging in a manner that captured authentication requests. Recommendations: For osisoft-pi-web-connector...

Palantir 日志信息泄露漏洞

Palantir is a data platform from US-based Palantir that reimagines how people use data by removing the barriers between back-end data management and front-end data analysis. A security vulnerability exists in Palantir Foundry Magritte plugin osisoft-pi-web-connector prior to version 0.44.0, which...

tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...

UBUNTU-CVE-2019-3871

A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial of service by makin...

tomcat: information disclosure due to incorrect Processor sharing

A bug was discovered in the error handling of the send file code for the NIO HTTP connector. This led to the current Processor object being added to the Processor cache multiple times allowing information leakage between requests including, and not limited to, session ID and the response body...

tomcat: information disclosure due to incorrect Processor sharing

A bug was discovered in the error handling of the send file code for the NIO HTTP connector. This led to the current Processor object being added to the Processor cache multiple times allowing information leakage between requests including, and not limited to, session ID and the response body...

PT-2017-9778 · Apache · Apache Tomcat

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 8.5.7 through 8.5.9 Apache Tomcat versions 9.0.0.M11 through 9.0.0.M15 Description: An information disclosure issue was discovered in Apache Tomcat in reverse-proxy configurations, allowing remote attackers to read data...