Lucene search
K

4580 matches found

Rapid7 Blog
Rapid7 Blog
added 2021/06/01 1:32 p.m.37 views

Creating coefficiency: DevOps, Security, and Compliance

Secure IaC Infrastructure-as-code IaC is a powerful partnership accelerator. As businesses and organizations scale into the cloud to realize its full production-enablement potential, security often struggles to keep up. The ultimate goal on the security horizon is, of course, to prevent risks and...

0.1AI score
Exploits0
CNNVD
CNNVD
added 2021/06/01 12:0 a.m.6 views

Emissary 注入漏洞

Emissary is a software application. A P2P-based data-driven workflow engine that runs across heterogeneous and potentially widely distributed multi-tier P2P network computing resources. Emissary suffers from a security vulnerability that makes it susceptible to post-authentication Remote Code...

9.1CVSS8.4AI score0.0285EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/05/18 12:0 a.m.62 views

openSUSE Security Update : qemu (openSUSE-2021-600)

This update for qemu fixes the following issues : - CVE-2020-12829: Fix OOB access in sm501 device emulation bsc1172385 - CVE-2020-25723: Fix use-after-free in usb xhci packet handling bsc1178934 - CVE-2020-25084: Fix use-after-free in usb ehci packet handling bsc1176673 - CVE-2020-25625: Fix...

6.5CVSS6.3AI score0.02515EPSS
Exploits3References32
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/05/11 12:0 a.m.10 views

DevOps Teams can meet NIST compliance standards with automation

Meet business compliance needs without interrupting your workflow...

3.4AI score
Exploits0
vulnersOsv
vulnersOsv
added 2021/05/07 4:15 p.m.6 views

@absolunet/nwayo-workflow (>=3.2.0 <=3.3.6), @londondevstudio/gush (>=0.9.0 <=0.10.0) +53 more potentially affected by CVE-2020-7601 via gulp-scss-lint (>=0.1.12 <=1.0.0)

gulp-scss-lint NPM version =0.1.12, =3.2.0, =0.9.0, =1.0.0, =1.1.1, =0.0.27, =0.0.33, =1.0.34, =1.1.54 - fear-core-dev =1.3.2 and more Source cves: CVE-2020-7601 Source advisory: OSV:GHSA-G4HJ-R7R3-9RWV...

9.8CVSS7.2AI score0.02644EPSS
Exploits1
CNNVD
CNNVD
added 2021/05/07 12:0 a.m.3 views

Emissary 安全漏洞

Emissary is a software application. A P2P-based data-driven workflow engine that runs on heterogeneous and potentially widely distributed multi-tier P2P network computing resources. A security vulnerability exists in Emissary 5.9.0, which can be exploited by an attacker to delete arbitrary files...

8.1CVSS5.8AI score0.00891EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/05/07 12:0 a.m.6 views

Emissary 代码问题漏洞

Emissary is a software application. A P2P-based data-driven workflow engine that runs on heterogeneous and potentially widely distributed multi-tier P2P network computing resources. A security vulnerability exists in Emissary 5.9.0, which can be exploited by an attacker to upload arbitrary files...

8.8CVSS5.8AI score0.01185EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2021/04/27 6:55 a.m.124 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8CVSS6.8AI score0.02079EPSS
Exploits3References4
OSV
OSV
added 2021/04/23 9:15 p.m.14 views

CVE-2020-17542

Cross Site Scripting XSS in dotCMS v5.1.5 allows remote attackers to execute arbitrary code by injecting a malicious payload into the "Task Detail" comment window of the "/dotAdmin//c/workflow" component...

5.4CVSS6.7AI score
Exploits0References1
Prion
Prion
added 2021/04/23 9:15 p.m.13 views

Cross site scripting

Cross Site Scripting XSS in dotCMS v5.1.5 allows remote attackers to execute arbitrary code by injecting a malicious payload into the "Task Detail" comment window of the "/dotAdmin//c/workflow" component...

3.5CVSS5.7AI score0.00837EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/04/23 8:23 p.m.14 views

CVE-2020-17542

Cross Site Scripting XSS in dotCMS v5.1.5 allows remote attackers to execute arbitrary code by injecting a malicious payload into the "Task Detail" comment window of the "/dotAdmin//c/workflow" component...

5.7AI score0.00837EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/23 5:2 p.m.16 views

Security Bulletin: XML External Entity Injection vulnerability affects IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2021-20482

Summary IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to a XML External Entity Injection attack. Vulnerability Details CVEID: CVE-2021-20482 DESCRIPTION: IBM Business Automation Workflow is vulnerable to an XML External Entity Injection XXE attack when processin...

7.1CVSS0.6AI score0.01398EPSS
Exploits0Affected Software4
CNNVD
CNNVD
added 2021/04/23 12:0 a.m.4 views

dotCMS 跨站脚本漏洞

Dotcms dotCMS is a content management system CMS from the American company dotCMS Dotcms. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . A cross-site scripting vulnerability exists in dotCMS v5.1.5, which can be exploited by a remote...

5.4CVSS5.7AI score0.00837EPSS
Exploits1References2
Qualys Blog
Qualys Blog
added 2021/04/21 12:55 p.m.62 views

Manage Linux Patching with Qualys VMDR

As attacks on infrastructure continue to increase, security teams are looking to go beyond detection and response by eliminating the root cause of the attacks -- unpatched vulnerabilities. With the majority of production systems running Linux, IT teams have been looking for a single, efficient...

Exploits0
RedHat Linux
RedHat Linux
added 2021/04/20 3:36 p.m.98 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8CVSS6.8AI score0.02079EPSS
Exploits3References4
RedHat Linux
RedHat Linux
added 2021/04/20 3:19 p.m.168 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8CVSS6.7AI score0.02079EPSS
Exploits4References5
RedHat Linux
RedHat Linux
added 2021/04/20 12:59 p.m.76 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

7.8CVSS6.7AI score0.02079EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2021/04/19 12:0 a.m.51 views

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2021:1243-1)

This update for qemu fixes the following issues : CVE-2020-12829: Fix OOB access in sm501 device emulation bsc1172385 CVE-2020-25723: Fix use-after-free in usb xhci packet handling bsc1178934 CVE-2020-25084: Fix use-after-free in usb ehci packet handling bsc1176673 CVE-2020-25625: Fix infinite lo...

6.5CVSS6.4AI score0.02515EPSS
Exploits3References48
CNVD
CNVD
added 2021/04/16 12:0 a.m.9 views

SAP NetWeaver AS ABAP Denial of Service Vulnerability (CNVD-2021-29099)

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A denial of service vulnerability exists in SAP NetWeaver AS ABAP versions 731, 740, and 750. The vulnerability...

6.5CVSS6.7AI score0.00862EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/04/13 12:0 a.m.6 views

SAP NetWeaver AS ABAP Business Server 安全漏洞

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A denial of service vulnerability exists in SAP NetWeaver AS ABAP versions 731, 740, and 750. The vulnerability...

6.5CVSS5.6AI score0.00862EPSS
Exploits0References4
Rows per page
Query Builder