14 matches found
Security Bulletin: Kafka client library upgraded to kafka-clients-3.9.1
Summary Kafka client library upgraded to kafka-clients-3.9.1. Vulnerability Details CVEID:CVE-2025-27818 DESCRIPTION: A possible security vulnerability has been identified in Apache Kafka. This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the ability to...
APSB25-61 : Security update available for Adobe Connect
Adobe has released a security update for Adobe Connect. This update resolves a critical vulnerability that could lead to arbitrary code execution...
CVE-2025-43567
Adobe Connect 12.8 and earlier are affected by a reflected XSS vulnerability in vulnerable form fields. The issue allows an attacker to inject malicious JavaScript which can be executed in a victim’s browser, potentially enabling session takeover and raising confidentiality and integrity impact. ...
Adobe Connect Cross-Site Scripting Vulnerability (CNVD-2025-02098)
Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. A cross-site scripting vulnerability exists in Adobe Connect version 12.6 and earlier and version 11.4.7 and earlier, which can be exploited by an attacker to inject malicious script into...
Adobe Connect Input Validation Error Vulnerability (CNVD-2025-02845)
Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. An input validation error vulnerability exists in Adobe Connect, which stems from the system's failure to appropriately handle target jumps, and can be exploited by an attacker to redirect a use...
Adobe Connect Cross-Site Scripting Vulnerability (CNVD-2024-48908)
Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. A cross-site scripting vulnerability exists in Adobe Connect, which can be exploited by an attacker to inject malicious script into vulnerable form fields...
CVE-2024-54037
Adobe Connect is affected by a DOM-based XSS vulnerability in versions 12.6, 11.4.7 and earlier. Exploitation requires user interaction (crafted URL or input) and can lead to arbitrary code execution in the victim’s browser, with potential session takeover and high confidentiality/integrity impac...
CVE-2024-49550 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...
APSB24-99 : Security update available for Adobe Connect
Adobe has released a security update for Adobe Connect. This update resolves critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation and security feature bypass...
PT-2023-19973
Name of the Vulnerable Software and Affected Versions Apache Kafka Connect versions prior to 3.4.0 Apache Kafka versions 2.3.0 through 3.3.x Bitbucket Data Center and Server versions 7.21.0 through 8.12.0 Description A possible security vulnerability has been identified in Apache Kafka Connect AP...
OESA-2022-2062 kafka security update
Apache Kafka is an open-source distributed event streaming platform used by thousands of companies for high-performance data pipelines, streaming analytics, data integration, and mission-critical applications. Security Fixes: When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0,...
Consul’s Envoy TLS Configuration Did Not Validate Destination Service Subject Alternative Names
Summary A vulnerability was identified in Consul and Consul Enterprise “Consul” such that the Envoy proxy configuration for Consul Connect does not mutually verify the destination service identity. This vulnerability, CVE-2021-32574, affects Consul versions 1.3.0 up to 1.10.0, and is fixed in the...
Fedora 28 : kde-connect (2018-0741f1ca08)
Security fix release, Changes since 1.3.1 : - Security fix Don't disable all modern SSH encryption algorithms. - Remote media player info didn't update under some circumstances. - Remove characters from commands UUIDs that aren't legal in URLs. - New notifications now appear on top and not in the...
Authentication flaw
Adobe Connect versions 9.7.5 and earlier have an exploitable Authentication Bypass vulnerability. Successful exploitation could lead to sensitive information disclosure...