EUVD-2024-40458
In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page...
CVE-2024-43807
In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page...
CVE-2024-43807
JetBrains TeamCity before 2024.07.1 is affected by multiple stored XSS on the Clouds page (CVE-2024-43807). The issue is discussed across sources (Red Hat CVE entry and Nessus plugin) with remediation implied as updating to 2024.07.1 or newer. There are no explicit exploitation details in the pro...
JetBrains TeamCity Security Vulnerability
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity suffers from a cross-site...
BIT-SOLR-2023-50290 Apache Solr: Host environment variables are published via the Metrics API
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the default list is designe...
February 29, 2024—KB5034843 (OS Build 19045.4123) Preview
February 29, 2024—KB5034843 OS Build 19045.4123 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...
GHSA-XRJ7-X7GP-WWQR Apache Solr's Streaming Expressions allow users to extract data from other Solr Clouds
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. This issue affects Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. Solr Streaming Expressions allows users to extract data from other Solr Clouds, using a "zkHost" parameter. When original...
Apache Solr's Streaming Expressions allow users to extract data from other Solr Clouds
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. This issue affects Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. Solr Streaming Expressions allows users to extract data from other Solr Clouds, using a "zkHost" parameter. When original...
CVE-2023-50291 Apache Solr: System Property redaction logic inconsistency can lead to leaked passwords
Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0. One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was only set up to hide system properties...
IBM Cloud Pak System Information Disclosure Vulnerability (CNVD-2024-07607)
IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines (IBM). The product supports deploying, managing and moving application environments across hybrid clouds. An information disclosure vulnerability exists in...
CVE-2023-50290 Apache Solr: Host environment variables are published via the Metrics API
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the default list is designe...
Important: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.3.3 security updates and bug fixes
Multicluster Engine for Kubernetes 2.3.3 General Availability release images, which contain security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severit...
The vulnerability of Acronis Cloud Manager, a platform for managing hybrid clouds, stems from insufficient validation of input data. This allows attackers to gain access to confidential information.
The vulnerability of Acronis Cloud Manager, a platform for managing hybrid clouds, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to access confidential information...
GHSA-J54R-W587-95Q7 Jenkins Oracle Cloud Infrastructure Compute Plugin missing SSH host key validation
Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16 and earlier does not perform SSH host key validation when connecting to OCI clouds. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections to OCI clouds. Oracle Cloud Infrastructure Compute...
Jenkins Oracle Cloud Infrastructure Compute Plugin missing SSH host key validation
Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16 and earlier does not perform SSH host key validation when connecting to OCI clouds. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections to OCI clouds. Oracle Cloud Infrastructure Compute...
Critical: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.0.9 security fixes and container updates
Multicluster Engine for Kubernetes 2.0.9 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detaile...
Critical: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.2.3 security updates and bug fixes
Multicluster Engine for Kubernetes 2.2.3 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
Fedora: Security Advisory for cloudcompare (FEDORA-2022-9cbdf39a5a)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 37 Update: cloudcompare-2.11.3-4.fc37
CloudCompare is a 3D point cloud and triangular mesh processing software. It was originally designed to perform comparison between two 3D point clouds such as the ones obtained with a laser scanner or between a point cloud and a triangular mesh. It relies on a specific octree structure that...
[SECURITY] Fedora 35 Update: cloudcompare-2.9.1-16.fc35
CloudCompare is a 3D point cloud and triangular mesh processing software. It was originally designed to perform comparison between two 3D point clouds such as the ones obtained with a laser scanner or between a point cloud and a triangular mesh. It relies on a specific octree structure that...