19 matches found

RedhatCVE
added 2025/05/22 6:25 p.m. · 4 views

CVE-2021-25324

MISP 2.4.136 has Stored XSS in the galaxy cluster view via a cluster name to app/View/GalaxyClusters/view.ctp...

CVSS 6.1 · AI score 5.8 · EPSS 0.00317
Exploits 0 · References 1
Snyk
added 2025/04/25 3:9 p.m. · 0 views

Improper Ownership Management

Overview Affected versions of this package are vulnerable to Improper Ownership Management for projects, whose namespace defaults to being the project name, regardless of cluster. A user with permission to create a project can escalate privileges to those of a user who owns a project by the same...

CVSS 9 · AI score 7
Exploits 0 · References 2
OSV
added 2024/05/22 7:15 a.m. · 0 views

DEBIAN-CVE-2021-47458

In the Linux kernel, the following vulnerability has been resolved: ocfs2: mount fails with buffer overflow in strlen. Starting with kernel 5.11 built with CONFIG_FORTIFY_SOURCE, mounting an ocfs2 filesystem with either o2cb or pcmk cluster stack fails with the trace below. Problem seems to be that...

CVSS 7.8 · AI score 5.7 · EPSS 0.00033
Exploits 0 · References 1
Veracode
added 2023/05/26 2:37 a.m. · 17 views

Exposure Of Resources To Wrong Sphere

org.apache.inlong is vulnerable to Exposure of Resources to Wrong Sphere. The vulnerability exists due to a lack of validation for unmodifiable datanodename and clustername, which allows an attacker to change the immutable name and type of the cluster...

CVSS 7.5 · AI score 6.8 · EPSS 0.00634
Exploits 0 · References 3 · Affected Software 4
Vulnrichment
added 2023/05/22 3:13 p.m. · 9 views

CVE-2023-31103 Apache InLong: Attackers can change the immutable name and type of cluster

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of cluster of InLong. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick...

AI score 7.5 · EPSS 0.00634
Exploits 0 · References 1
CNNVD
added 2023/05/22 12:0 a.m. · 1 views

Apache InLong Security Vulnerability

Apache InLong is a one-stop massive data integration framework from the Apache Foundation (United States). A security bypass vulnerability exists in Apache InLong versions 1.4.0 through 1.6.0. An attacker can exploit the vulnerability to change the immutable name and type of an InLong cluster...

CVSS 7.5 · AI score 6.8 · EPSS 0.00634
Exploits 0 · References 2
Positive Technologies
added 2023/05/22 12:0 a.m. · 1 views

PT-2023-23157 · Apache · Apache Inlong

Name of the Vulnerable Software and Affected Versions: Apache InLong versions 1.4.0 through 1.6.0 Description: The issue affects Apache InLong, allowing attackers to change the immutable name and type of cluster of InLong. Recommendations: For Apache InLong versions 1.4.0 through 1.6.0, upgrade t...

CVSS 7.5 · AI score 6.9 · EPSS 0.00634
Exploits 0 · References 7
RedHat Linux
added 2016/10/19 2:59 p.m. · 24 views

Moderate: Red Hat Security Advisory: Red Hat Storage Console 2 security and bug fix update

An update is now available for Red Hat Storage Console 2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.8 · AI score 6.6 · EPSS 0.00071
Exploits 0 · References 22
NVD
added 2015/01/18 6:59 p.m. · 13 views

CVE-2015-0862

Multiple cross-site scripting (XSS) vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) message details when a message is unqueued, such as headers or arguments; (2) policy names, which a...

CVSS 3.5 · AI score 5.4 · EPSS 0.00185
Exploits 0 · References 1
OSV
added 2015/01/18 6:59 p.m. · 2 views

DEBIAN-CVE-2015-0862

Multiple cross-site scripting (XSS) vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) message details when a message is unqueued, such as headers or arguments; (2) policy names, which a...

CVSS 3.5 · AI score 5.7 · EPSS 0.00185
Exploits 0 · References 1
OSV
added 2015/01/18 6:59 p.m. · 5 views

CVE-2015-0862

Multiple cross-site scripting (XSS) vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) message details when a message is unqueued, such as headers or arguments; (2) policy names, which a...

AI score 5.3
Exploits 0 · References 1
UbuntuCve
added 2015/01/18 6:59 p.m. · 18 views

CVE-2015-0862

Multiple cross-site scripting (XSS) vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) message details when a message is unqueued, such as headers or arguments; (2) policy names, which a...

CVSS 3.5 · AI score 5.9 · EPSS 0.00185
Exploits 0 · References 2
OSV
added 2015/01/18 6:59 p.m. · 0 views

UBUNTU-CVE-2015-0862

Multiple cross-site scripting (XSS) vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) message details when a message is unqueued, such as headers or arguments; (2) policy names, which a...

CVSS 3.5 · AI score 5.9 · EPSS 0.00185
Exploits 0 · References 3
Cvelist
added 2015/01/18 6:0 p.m. · 18 views

CVE-2015-0862

Multiple cross-site scripting (XSS) vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) message details when a message is unqueued, such as headers or arguments; (2) policy names, which a...

AI score 5.4 · EPSS 0.00185
Exploits 0 · References 1
Debian CVE
added 2015/01/18 6:0 p.m. · 21 views

CVE-2015-0862

Multiple cross-site scripting (XSS) vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) message details when a message is unqueued, such as headers or arguments; (2) policy names, which a...

CVSS 3.5 · AI score 5.5 · EPSS 0.00185
Exploits 0
FreeBSD
added 2015/01/08 12:0 a.m. · 41 views

rabbitmq -- Security issues in management plugin

The RabbitMQ project reports: Some user-controllable content was not properly HTML-escaped before being presented to a user in the management web UI: When a user unqueued a message from the management UI, message details (header names, arguments, etc.) were displayed unescaped. An attacker could...

CVSS 3.5 · AI score 7 · EPSS 0.00185
Exploits 0 · References 2
Nmap
added 2012/09/20 6:30 a.m. · 176 views

cassandra-info NSE Script

Attempts to get basic info and server status from a Cassandra database. For more information about Cassandra, see: Script Arguments creds.service, creds.global See the documentation for the creds library. Example Usage nmap -p 9160 --script=cassandra-info Script Output PORT STATE SERVICE REASON...

CVSS 10 · AI score 0.1 · EPSS 0.94176
Exploits 33
Veeam
added 2012/06/18 12:0 a.m. · 10 views

Cluster does not appear in nworks Enterprise Manager Web UI due to unsupported naming

Challenge When a name of a cluster contains unsupported characters, the following error can occur in the Enterprise Manager log server.txt file: INFO IMon Error: System.ArgumentException: An item with the same key has already been added. at System.ThrowHelper.ThrowArgumentExceptionExceptionResour...

AI score 6.8
Exploits 0
RedHat Linux
added 2006/07/20 12:0 a.m. · 2 views

Low: Red Hat Bug Fix Advisory: conga bug fix update

Updated conga packages that provide critical bug fixes are now available. The Conga package is a web-based administration tool for remote cluster and storage management. This erratum applies the following bug fixes: - The borrowed Zope packages used by Conga have been patched to eliminate a...

CVSS 4.3 · AI score 5.9 · EPSS 0.00804
Exploits 0 · References 12