Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.58 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : ipa Multiple Vulnerabilities (NS-SA-2021-0171)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ipa packages installed that are affected by multiple vulnerabilities: - jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causin...

6.9CVSS6.6AI score0.99019EPSS
Exploits18References21
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.62 views

CentOS 8 : idm:DL1 and idm:client (CESA-2020:4670)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4670 advisory. - jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 - bootstrap: XSS in the data-target attribute CVE-2016-10735 - bootstrap:...

6.9CVSS7AI score0.99019EPSS
Exploits17References11
RedHat Linux
RedHat Linux
added 2020/11/04 1:31 a.m.267 views

Moderate: Red Hat Security Advisory: idm:DL1 and idm:client security, bug fix, and enhancement update

An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

6.9CVSS7.1AI score0.99019EPSS
Exploits17References62
Tenable Nessus
Tenable Nessus
added 2020/11/04 12:0 a.m.74 views

RHEL 8 : idm:DL1 and idm:client (RHSA-2020:4670)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4670 advisory. Red Hat Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and...

6.9CVSS6.8AI score0.99019EPSS
Exploits17References74
OSV
OSV
added 2020/11/03 12:25 p.m.49 views

ALSA-2020:4670 Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. The following packages have been upgraded to a later upstream version: ipa 4.8.7, softhsm 2.6.0, opendnssec 2.1.6...

6.9CVSS8.2AI score0.99019EPSS
Exploits17References11
Tenable Nessus
Tenable Nessus
added 2020/10/28 12:0 a.m.49 views

Amazon Linux 2 : ipa (ALAS-2020-1519)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1519 advisory. jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.9CVSS6.5AI score0.99019EPSS
Exploits18References21
Tenable Nessus
Tenable Nessus
added 2020/10/21 12:0 a.m.50 views

Scientific Linux Security Update : ipa on SL7.x x86_64 (20201001)

Security Fixes : - js-jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 - bootstrap: XSS in the data-target attribute CVE-2016-10735 - bootstrap: Cross-site Scripting XSS in the collapse data-parent attribute CVE-2018-14040 - bootstrap: Cross-site Scripting XSS in the...

6.9CVSS7.3AI score0.99019EPSS
Exploits17References11
Cent OS
Cent OS
added 2020/10/20 6:15 p.m.202 views

ipa, python2 security update

CentOS Errata and Security Advisory CESA-2020:3936 An update for ipa is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

6.9CVSS7.4AI score0.99019EPSS
Exploits17References7
Tenable Nessus
Tenable Nessus
added 2020/10/20 12:0 a.m.115 views

CentOS 7 : ipa (RHSA-2020:3936)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3936 advisory. - jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option,...

6.9CVSS6.7AI score0.99019EPSS
Exploits18References11
OpenVAS
OpenVAS
added 2020/09/29 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for ipa (EulerOS-SA-2020-2073)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4CVSS5.4AI score0.01047EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/09/02 12:0 a.m.25 views

EulerOS 2.0 SP5 : ipa (EulerOS-SA-2020-1918)

According to the version of the ipa packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password = 1,000,000 characters to the server, the password hashing...

5.4CVSS7.1AI score0.01047EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/06/17 12:0 a.m.35 views

EulerOS 2.0 SP2 : ipa (EulerOS-SA-2020-1679)

According to the version of the ipa packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password = 1,000,000 characters to the server, the password hashing...

5.4CVSS7.1AI score0.01047EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/06/16 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for ipa (EulerOS-SA-2020-1679)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4CVSS5.8AI score0.01047EPSS
Exploits0References2
CVE
CVE
added 2020/04/27 8:46 p.m.384 views

CVE-2020-1722

CVE-2020-1722 is confirmed in connected documents as a vulnerability affecting IPA (FreeIPA) in multiple Linux distributions. The issue occurs when a very long password (>= 1,000,000 characters) is processed by the server, causing memory and CPU exhaustion that can lead to a denial of service ...

5.4CVSS5.4AI score0.01047EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder