Hitachi Energy RTU500
SUMMARY Hitachi Energy is aware of vulnerabilities that affect RTU500 product versions listed in this document. If exploited, these vulnerabilities primarily impact product availability, with potential secondary impacts on confidentiality and integrity. Please refer to the Recommended Immediate...
Veeam Backup & Replication 13.0.1 In-Place Upgrade Version Requirement
Challenge When attempting to upgrade an existing Veeam Backup & Replication deployment to version 13.0.1, the installer displays a message stating: Unable to upgrade Veeam Backup & Replication: you can upgrade from version 12.3.1.1139 or later only. Solution Before attempting an in-place upgrade ...
Siemens SIMATIC Virtualization as a Service (SIVaaS)
SUMMARY SIMATIC Virtualization as a Service SIVaaS is affected by a vulnerability which exposes a network share without any authentication. This could allow an attacker to access or alter sensitive data without proper authorization. Siemens recommends to contact technical support to fix the...
Unable to Login to Web UI After Enabling MFA
Article Applicability This article is regarding an issue that was discovered in Veeam Recovery Orchestrator build 7.2.1.286, which was available for download between 2025-07-08 and 2025-07-17. The issue documented in this article was discovered, confirmed, and patched and a new build was released...
ROS-2-347
2.347 Notification on the update of MIS OPERATION SYSTEM "RED OS" No. RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
Qualys Updates Login Page to Improve User Experience and Highlight Latest Qualys News
With an eye to updating the overall user experience UI, continuing to fortify security, and keeping you informed of the latest Qualys news, we're optimizing our login at the end of May 2024. This UI overhaul of sorts aims not only to refresh the aesthetic appeal but also to integrate robust...
Security Bulletin: Unauthorized Access to Table Vulnerability in DB2 (CVE-2013-4033)
Abstract A vulnerability in IBM DB2 could allow an authenticated user holding EXPLAIN authority to temporarily gain SELECT, INSERT, UPDATE or DELETE privilege on a table. Content VULNERABILITY DETAILS CVE ID: CVE-2013-4033 DESCRIPTION: The IBM DB2 products listed below contain a security...
ROS-2-2450
2.2450 Notification on the update of the Red OS OPERATING SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the "RED OS" Operating System "RED OS" 7.3 antimalware protection system has been released. You can contact the technical support service within the framework of...
Security Bulletin: A cross-site scripting vulnerability in Angular.js affects IBM InfoSphere Information Server
Summary A cross-site scripting vulnerability in Angular.js used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2020-7676 DESCRIPTION: angular.js is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker cou...
CVE-2020-10374
A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form...
Command injection
A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form...
Receiver for Android - Error Code 546 or 547
This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. Users see one of the following error codes when trying to add a PNA or XenApp store to Receiver for...
Security Bulletin: IBM Disposal and Governance Management for IT and IBM Global Retention Policy and Schedule Management vulnerable to cross-site request forgery (CSRF)
Summary The "notice confirmation" functionality in IBM Disposal and Governance Management for IT and IBM Global Retention Policy and Schedule Management, components of IBM Atlas Policy Suite, is impacted by a vulnerability that allows cross-site request forgery. Both products have addressed this...
Security Bulletin: A vulnerability in XStream affects IBM InfoSphere Information Governance components
Summary A vulnerability in XStream was addressed by IBM InfoSphere Information Governance Catalog, IBM InfoSphere Information Server Business Glossary, and IBM InfoSphere Information Server Business Glossary Client for Eclipse. Vulnerability Details CVEID: CVE-2017-7957 DESCRIPTION: XStream is...
Security Bulletin: IBM® DB2® contains a file disclosure vulnerability in the database automated maintenance feature (CVE-2015-1883)
Summary IBM DB2 contains a file disclosure vulnerability in the database automated maintenance feature. A remote, authenticated DB2 user with elevated privilege could exploit this vulnerability by manipulating an automated maintenance policy stored procedure to view any files owned by the DB2...
Ethicon Endo-Surgery Generator G11 Vulnerability
OVERVIEW Johnson & Johnson, the parent company of Ethicon Endo-Surgery, LLC, reported an improper authentication vulnerability in the Ethicon Endo-Surgery Generator Gen11. Ethicon Endo-Surgery, LLC has produced updates that mitigate this vulnerability in the affected product. AFFECTED PRODUCTS The...
SiT! Support Incident Tracker 3.64 XSS / XSRF / SQL Injection
Vulnerability ID: HTB23043 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinsitsupportincidenttracker.html Product: SiT! Support Incident Tracker Vendor: The Support Incident Tracker Project http://sitracker.org/ Vulnerable Version: 3.64 and probably prior Tested Version: 3.64...
badblue.txt
BadBlue Arbitrary Administrative Actions Vulnerability I. Synopsis Author: Matthew Murphy [email protected] Release Date: April 20, 2003 Vendor References: http://www.badblue.com http://www.badblue.com/down.htm Affected Systems: BadBlue 2.15 and prior Risk: High Issue: A vulnerability enabling...
ROS-2-4618
2.4618 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the firewall Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technical suppo...