Important: Red Hat Security Advisory: Red Hat Ceph Storage 4.2 Security and Bug Fix update

An update is now available for Red Hat Ceph Storage 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...

CMS Made Simple 2.2.15 Remote Command Execution

Exploit Title: CMS Made Simple 2.2.15 - RCE Authenticated Author: Andrey Stoykov Vendor Homepage: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Version: 2.2.15 Tested on: Debian 10 LAMPP Exploit and Detailed Info:...

CMS Made Simple 2.2.15 - RCE (Authenticated)

Exploit Title: CMS Made Simple 2.2.15 - RCE Authenticated Author: Andrey Stoykov Vendor Homepage: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Version: 2.2.15 Tested on: Debian 10 LAMPP Exploit and Detailed Info:...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement update

Updated images are now available for Red Hat OpenShift Container Storage 4.6.0 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Container Storage 4.6 bug fix and enhancement update

An update for mcg is now available for Red Hat OpenShift Container Storage 4.6.0 on RHEL-8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2020-25234

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions UDF in a password protected way. This...

CVE-2020-25234

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions UDF in a password protected way. This...

Information disclosure

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions UDF in a password protected way. This...

CVE-2020-25234

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions UDF in a password protected way. This...

Aruba Networks ArubaOS Security Vulnerabilities

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches from Aruba Networks, Inc. A security vulnerability exists in ArubaOS. No information about this vulnerability is available at this time, so please stay tun...

Aruba Networks ArubaOS Command Injection Vulnerability

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches from Aruba Networks, Inc. A security vulnerability exists in ArubaOS. No information about this vulnerability is available at this time, so please stay tun...

OPENSUSE-SU-2020:2127-1 Security update for neomutt

This update for neomutt fixes the following issues: Update neomutt to 20201120. Address boo1179035, CVE-2020-28896. Security - imap: close connection on all failures Features - alias: add function to Alias/Query dialogs - config: add validators for imap,smtp,popauthenticators - config: warn when...

Cisco SD-WAN Software Elevation of Privilege Vulnerability

Cisco SD-WAN vManage is software from Cisco that provides software-defined networking capabilities. The software is a way to virtualize the network.Cisco SD-WAN vEdge is a router from Cisco. The device provides basic WAN, security and multi-cloud capabilities for Cisco SD-WAN solutions. An...

Vmware VMWare SD-WAN Orchestrator Authorization Issues Vulnerability

Vmware VMWare SD-WAN Orchestrator is a software from Vmware that orchestrates network data flows in a software-defined network architecture. The software provides Web pages to visually manage users, gateways, and authentication. An authorization issue vulnerability exists in VMware SD-WAN...

The vulnerability of the Snort intrusion detection system, which includes Cisco Firepower Threat Defense (FTD) for microprogramming network firewalls, Cisco SD-WAN for programmatically defined networks, Cisco IOS XE for network operating systems, and Cisco Meraki for networking devices, allows attackers to bypass security measures and execute malicious activities.

The vulnerability of the Snort intrusion detection system, the microprogramming software for Cisco Firepower Threat Defense FTD, the program-defined network Cisco SD-WAN, the Cisco IOS XE network operating system, and the microprogramming software for Cisco Meraki devices is related to a flaw in...

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious individual to gain unauthorized access to protected information.

The vulnerability in the vManage web interface of the Cisco SD-WAN programmatically defined network is related to an incorrect path name limitation for accessing the directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious actor to gain unauthorized access to protected information and to modify, add, or delete data.

The vulnerability in the vManage web interface of the Cisco SD-WAN programmatically defined network is related to errors in restricting XML links to external objects. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and to modify, add, or...

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious actor to gain unauthorized access to protected information and to modify, add, or delete data.

The vulnerability in the vManage web interface of the Cisco SD-WAN program-defined network is related to errors in restricting XML links to external objects. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and to modify, add, or delete data...

The vulnerability of the command-line interface (CLI) of the programmatically defined Cisco SD-WAN network allows a attacker to trigger a service failure.

The vulnerability of the command-line interface CLI of the programmatically defined Cisco SD-WAN network is related to an incorrect path name limitation for the directory. Exploiting this vulnerability could allow a attacker to cause service failures...

The vulnerability in the web-based management interface of Cisco SD-WAN allows a attacker to execute cross-site attacks.

The vulnerability in the Cisco SD-WAN programmatically-defined network management web interface is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...