4580 matches found
Creating coefficiency: DevOps, Security, and Compliance
Secure IaC Infrastructure-as-code IaC is a powerful partnership accelerator. As businesses and organizations scale into the cloud to realize its full production-enablement potential, security often struggles to keep up. The ultimate goal on the security horizon is, of course, to prevent risks and...
Emissary 注入漏洞
Emissary is a software application. A P2P-based data-driven workflow engine that runs across heterogeneous and potentially widely distributed multi-tier P2P network computing resources. Emissary suffers from a security vulnerability that makes it susceptible to post-authentication Remote Code...
openSUSE Security Update : qemu (openSUSE-2021-600)
This update for qemu fixes the following issues : - CVE-2020-12829: Fix OOB access in sm501 device emulation bsc1172385 - CVE-2020-25723: Fix use-after-free in usb xhci packet handling bsc1178934 - CVE-2020-25084: Fix use-after-free in usb ehci packet handling bsc1176673 - CVE-2020-25625: Fix...
DevOps Teams can meet NIST compliance standards with automation
Meet business compliance needs without interrupting your workflow...
@absolunet/nwayo-workflow (>=3.2.0 <=3.3.6), @londondevstudio/gush (>=0.9.0 <=0.10.0) +53 more potentially affected by CVE-2020-7601 via gulp-scss-lint (>=0.1.12 <=1.0.0)
gulp-scss-lint NPM version =0.1.12, =3.2.0, =0.9.0, =1.0.0, =1.1.1, =0.0.27, =0.0.33, =1.0.34, =1.1.54 - fear-core-dev =1.3.2 and more Source cves: CVE-2020-7601 Source advisory: OSV:GHSA-G4HJ-R7R3-9RWV...
Emissary 安全漏洞
Emissary is a software application. A P2P-based data-driven workflow engine that runs on heterogeneous and potentially widely distributed multi-tier P2P network computing resources. A security vulnerability exists in Emissary 5.9.0, which can be exploited by an attacker to delete arbitrary files...
Emissary 代码问题漏洞
Emissary is a software application. A P2P-based data-driven workflow engine that runs on heterogeneous and potentially widely distributed multi-tier P2P network computing resources. A security vulnerability exists in Emissary 5.9.0, which can be exploited by an attacker to upload arbitrary files...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2020-17542
Cross Site Scripting XSS in dotCMS v5.1.5 allows remote attackers to execute arbitrary code by injecting a malicious payload into the "Task Detail" comment window of the "/dotAdmin//c/workflow" component...
Cross site scripting
Cross Site Scripting XSS in dotCMS v5.1.5 allows remote attackers to execute arbitrary code by injecting a malicious payload into the "Task Detail" comment window of the "/dotAdmin//c/workflow" component...
CVE-2020-17542
Cross Site Scripting XSS in dotCMS v5.1.5 allows remote attackers to execute arbitrary code by injecting a malicious payload into the "Task Detail" comment window of the "/dotAdmin//c/workflow" component...
Security Bulletin: XML External Entity Injection vulnerability affects IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2021-20482
Summary IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to a XML External Entity Injection attack. Vulnerability Details CVEID: CVE-2021-20482 DESCRIPTION: IBM Business Automation Workflow is vulnerable to an XML External Entity Injection XXE attack when processin...
dotCMS 跨站脚本漏洞
Dotcms dotCMS is a content management system CMS from the American company dotCMS Dotcms. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . A cross-site scripting vulnerability exists in dotCMS v5.1.5, which can be exploited by a remote...
Manage Linux Patching with Qualys VMDR
As attacks on infrastructure continue to increase, security teams are looking to go beyond detection and response by eliminating the root cause of the attacks -- unpatched vulnerabilities. With the majority of production systems running Linux, IT teams have been looking for a single, efficient...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2021:1243-1)
This update for qemu fixes the following issues : CVE-2020-12829: Fix OOB access in sm501 device emulation bsc1172385 CVE-2020-25723: Fix use-after-free in usb xhci packet handling bsc1178934 CVE-2020-25084: Fix use-after-free in usb ehci packet handling bsc1176673 CVE-2020-25625: Fix infinite lo...
SAP NetWeaver AS ABAP Denial of Service Vulnerability (CNVD-2021-29099)
SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A denial of service vulnerability exists in SAP NetWeaver AS ABAP versions 731, 740, and 750. The vulnerability...
SAP NetWeaver AS ABAP Business Server 安全漏洞
SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A denial of service vulnerability exists in SAP NetWeaver AS ABAP versions 731, 740, and 750. The vulnerability...