PT-2020-7566 · D Link · D-Link Dir-100

Name of the Vulnerable Software and Affected Versions: D-Link DIR-100 version 4.03B07 Description: The issue concerns a CSRF vulnerability in the cli.cgi endpoint. Recommendations: For D-Link DIR-100 version 4.03B07, consider restricting access to the cli.cgi endpoint as a temporary workaround...

Scale-out Backup Repository offload job to Quantum DXI used as S3 storage fails with "Failed to retrieve SSL certificate. Underlying error: PRNG not seeded" error

Challenge Veeam Backup & Replication fails to perform an S3 offload task if targeted to Quantum DXI storage. The error retrieved in UI says: "Failed to retrieve SSL certificate. Underlying error: PRNG not seeded" 06.01.2020 13:38:21 Info PublicCloudCertificateLoader Loading certificate for...

blogger-cli (>=1.2.0 <=1.2.1), canonicalwebteam-blog (>=2.4.0 <=5.0.0) +3 more potentially affected by CVE-2020-5227 via feedgen (>=0.6.1 <=0.8.0)

feedgen PYPI version =0.6.1, =1.2.0, =2.4.0, =1.0.0.dev37, =2.0.2, =2.0.3 Source cves: CVE-2020-5227 Source advisory: OSV:PYSEC-2020-231...

blogger-cli (>=1.2.0 <=1.2.1), canonicalwebteam-blog (>=2.4.0 <=5.0.0) +3 more potentially affected by CVE-2020-5227 via feedgen (>=0.6.1 <=0.8.0)

feedgen PYPI version =0.6.1, =1.2.0, =2.4.0, =1.0.0.dev37, =2.0.2, =2.0.3 Source cves: CVE-2020-5227 Source advisory: OSV:GHSA-G8Q7-XV52-HF9F...

SUSE-SU-2020:0251-1 Security update for aws-cli

This update for aws-cli to version 1.16.297 fixes the following issues: Security issue fixed: - CVE-2018-15869: Fixed an permission handling issue where an unexpected AMI could potentially be used bsc1105988. Non-security issues fixed: - Fixed an issue with the CLI client, where a...

Socialscan - Check Email Address And Username Availability On Online Platforms With 100% Accuracy

socialscan offers accurate and fast checks for email address and username usage on online platforms. Given an email address or username, socialscan returns whether it is available, taken or invalid on online platforms. Features that differentiate socialscan from similar tools e.g. knowem.com,...

Input validation

A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this...

BSA-2020-905

Security Advisory ID : BSA-2020-905 Component : authentication Revision : 1.0: Final Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external passwords, common secrets or authentication keys used between the switch and an external server. When using certain CL...

Design/Logic Flaw

A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential...

CVE-2019-5593

Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system's builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below or for user uploaded...

CVE-2019-5593

Fortinet FortiOS is affected by CVE-2019-5593. The flaw arises from improper permission/value checking in the CLI console, allowing a non-privileged local attacker to obtain plaintext private keys of system certificates by unsetting the encryption password for built‑in certificates (FortiOS 6.2.0...

Huawei EulerOS: Security Advisory for quagga (EulerOS-SA-2018-1065)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2018-1224)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-19834

CVE-2019-19834 concerns a directory traversal in the ruckus_cli2 component of Ruckus Wireless Unleashed firmware (affected version range up to 200.7.10.102.64). The vulnerability allows a remote attacker to jailbreak the CLI by supplying a crafted argument through enable-&gt;debug-&gt;script-&gt;...

Cisco SD-WAN Solution Local Privilege Escalation Vulnerability

A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this...

RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 6 (RHSA-2020:0159)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0159 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 8 (RHSA-2020:0161)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0161 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 7 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 8 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 6 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...