15 matches found
CVE-2021-41090
Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. Prior to versions 0.20.1 and 0.21.2, inline secrets defined within a metrics instance config are exposed in plaintext over two endpoints: metrics instance configs defin...
EUVD-2016-0388
Malware in sbrugna...
EUVD-2019-3656
Malware in sbrugna...
EUVD-2021-21870
Malware in sbrugna...
CVE-2019-12000
HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application. Update to version 3.2 and update the HTTPS configuration as described in the HPE MSE Messaging...
Session Recording 2402 - Sessions not getting recorded even though Session Recording is enabled
When the user logs on, users were not seeing the Session Recording notification and also the sessions did not get recorded. We can see some 0KB files on the server side. Session Recording policy was set to record sessions for all users with notification. Session Recording Agent was configured to...
How to configure Responder policy to redirect http request to https
This article provide a Responder policy sample to achieve of redirecting http traffic to https for Content Switching Virtual Server with Responder policy in NetScaler. Policy is both applicable for http/ssl type Load balance virtual server...
Security Bulletin: A security vulnerability has been identified in 10x shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2016-0341)
Summary A missing HTTP header has been addressed in IBM 10x, which is shipped in IBM Standards Processing Engine and IBM Transformation Extender Advanced. Vulnerability Details CVEID: CVE-2016-0341 DESCRIPTION: IBM 10x could allow a malicious user to obtain highly sensitive information due to...
Denial Of Service (DoS)
github.com/Dreamacro/clash is vulnerable to denial of service. The vulnerability exists because the library does not limit the http or https configuration files, allowing an attacker to crash the application by providing an embedded malicious iframe with a crafted URL...
CVE-2021-35227
The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available...
CVE-2021-35227
CVE-2021-35227 affects SolarWinds ARM with RabbitMQ Plugin on version 2020.2.6, where the HTTP interface was enabled and HTTPS configuration was unavailable. The issue arises from exposing an HTTP management interface without HTTPS configuration. CVSS data in sources show a high impact (CVSS3.1 b...
CVE-2019-12000
HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application. Update to version 3.2 and update the HTTPS configuration as described in the HPE MSE Messaging...
CVE-2019-12000
CVE-2019-12000 relates to the HPE MSE Msg Gw application E-LTU prior to version 3.2, where a potential Remote Access Restriction Bypass exists when HTTPS is used between the USSD and an external USSD service logic application. Affected component: HPE MSE Messaging Gateway (E-LTU); root cause: ins...
Making the Grade: Achieve SSL Labs A+ Grade with Imperva WAF
We all woke up to a new reality early last year. HTTPS adoption has reached the tipping point, meaning that more than half of web traffic is encrypted. The benefits of encrypting your traffic are obvious, right? It’s essentially about you securing data being transmitted by authenticating web...
DSA-2246-1 mahara - several vulnerabilities
Bulletin has no description...