RHEL 9 : munge (RHSA-2026:2949)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2949 advisory. MUNGE MUNGE Uid 'N' Gid Emporium is an authentication service for creating and validating credentials. It is designed to be highly scalable for use i...

EUVD-2022-4425

Malicious code in bioql PyPI...

Error: "Unable to Create Deployment" on StoreFront

The installation of StoreFront fails and the error message “Unable to Create Deployment ” is displayed on the console: The following are the Event Viewer Errors: Source: Citrix Delivery Services AdminEvent ID: 1Description:...

Injection in Apache NiFi

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could impersonate another user and gain their permissions on a replicated request to another node...

GHSA-JGJ9-6V78-6G8M Improper Authentication In Apache NiFi

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user...

SUSE-SU-2018:1079-1 Security update for apache2

This update for apache2 fixes the following issues: - security update: CVE-2018-1301: Specially crafted requests, in debug mode, could lead to denial of service. bsc1086817 CVE-2017-15710: failure in the language fallback handling could lead to denial of service. bsc1086776 CVE-2018-1312: Seed...

XXE Vulnerability in Hitachi Device Manager

Overview An XXE XML External Entity Vulnerability was found in Hitachi Device Manager. This vulnerability only affects the Linux cluster environment. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section fo...

CVE-2017-5636

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could impersonate another user and gain their permissions on a replicated request to another node...

CVE-2017-5635

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user...

CVE-2017-5636

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could impersonate another user and gain their permissions on a replicated request to another node...

CVE-2017-5636

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could impersonate another user and gain their permissions on a replicated request to another node...

Unauthorized Access Via User Impersonation

Apache nifi is vulnerable to unauthorized access via user impersonation attacks. The vulnerability exists due to a possible injection attack in a cluster environment, in the proxy chain's serialization/deserialization. A malicious user can inject in their username to impersonate another user to...

Unauthorized Data Access In Cluster

Apache nifi is vulnerable to unauthorized data accesses. The vulnerability exists in a cluster environment when an anonymous user request is replicated to another node. The replicated node identity will contain the originating node identity instead of the anonymous user's identity...

Denial of Service (DoS) Vulnerability in JP1/Desktop Navigation Built-in Database

Overview When JP1/Desktop Navigation used in a cluster environment receives unexpected data, the built-in database process and unit abend, which may cause the management server service to fall into a denial of service DoS condition. Impact A remote attacker could cause a denial of service DoS...

RedHat Update for squid RHSA-2010:0221-04

Check for the Version of squid OpenVAS Vulnerability Test RedHat Update for squid RHSA-2010:0221-04 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

How to use database control Serv-U-vulnerability warning-the black bar safety net

Serv-U ODBC Database using Serv-U 5.0 and above supports ODBCdatalibraries, can use thedatalibrary managementaccount, the permissions apply to the need to provide an FTP download of the BBS forums, music sites, software sites, movie sites, enterpriseweband the like, particularly in a multi-table...