Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2021-2578)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Redmine Information Disclosure Vulnerability (CNVD-2022-10738)

Redmine is an open source web-based project management and defect tracking tool. The product provides project management, issue tracking, and role-based access control, among other features.A security vulnerability exists in Redmine, which stems from a configuration or other error in the operatio...

The vulnerability of the Apache HTTP Server’s web server, related to defects in pathname restriction, allows attackers to execute arbitrary code or read arbitrary files on the target system.

The vulnerability of the Apache HTTP Server is related to deficiencies in pathname restriction. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or read arbitrary files on the target system...

bugs 跨站脚本漏洞

Bugs is a branch of the open source Tinyissue defect tracking system by Alexandre Plennevaux, a personal developer in Belgium. bugs 1.8 and earlier versions of install/index.php are vulnerable to cross-site scripting, which can be exploited by remote attackers to inject arbitrary Web script or HT...

Security Bulletin: IBM Cloud Private is vulnerable to Helm vulnerabilities ( CVE-2021-21303)

Summary IBM Cloud Private is vulnerable to Helm vulnerabilities Vulnerability Details CVEID: CVE-2021-21303 DESCRIPTION: Helm could allow a local authenticated attacker to bypass security restrictions, caused by the failure to sanitized multiple fields in various .yaml files. By sending a...

Security Bulletin: IBM Cloud Private is vulnerable to a Go vulnerability (CVE-2021-3121)

Summary IBM Cloud Private is vulnerable to a Go vulnerability Vulnerability Details CVEID: CVE-2021-3121 DESCRIPTION: An unspecified error with the lack of certain index validation, aka the skippy peanut butter issue in GoGo Protobuf has an unknown impact and attack vector. CVSS Base score: 5.3...

Security Bulletin: IBM Cloud Private is vulnerable to OpenSSL vulnerabilities (CVE-2020-1971 )

Summary IBM Cloud Private is vulnerable to OpenSSL vulnerabilities Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERALNAMEcmp function contain an EDIPARTYNAME, an attacker could exploit this...

CVE-2021-22435

There is a Configuration Defect Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability...

CVE-2021-22435

There is a Configuration Defect Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability...

Design/Logic Flaw

There is a Configuration Defect Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability...

CVE-2021-22435

There is a Configuration Defect Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability...

CVE-2021-22435

Technical details about CVE-2021-22435 are not publicly available in the provided documents. Monitor for updates from Huawei and other sources for affected products, components, and remediations.

Atlassian JIRA Server Cross-Site Scripting Vulnerability (CNVD-2021-55939)

Atlassian JIRA Server is the server version of a defect tracking management system from Atlassian Australia. The system is mainly used for tracking and managing various types of issues and defects in work. A cross-site scripting vulnerability exists in Atlassian Jira Server, which can be exploite...

Atlassian JIRA Server Cross-Site Scripting Vulnerability (CNVD-2021-55940)

Atlassian JIRA Server is the server version of a defect tracking management system from Atlassian Australia. The system is mainly used for tracking and managing various types of problems and defects in work. A cross-site scripting vulnerability exists in Atlassian JIRA Server, which can be...

CVE-2021-22343

There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability...

CVE-2021-22343

There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability...

Design/Logic Flaw

There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability...

CVE-2021-22343

There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability...

CVE-2021-22343

Technical details about CVE-2021-22343 (affected Huawei Smartphone) are not publicly provided in the supplied documents. Monitor for updates from official vendors and national/European feeds for confirmed impact, affected versions, and fixes.

CVE-2021-22352

There is a Configuration Defect Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands...