Lucene search
K

137 matches found

Tenable Nessus
Tenable Nessus
added 2023/08/03 12:0 a.m.18 views

SUSE SLES12 Security Update : SUSE Manager Client Tools (SUSE-SU-2023:3122-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3122-1 advisory. python-tornado: - Security fixes: CVE-2023-28370: Fixed an open redirect issue in the static file handler bsc1211741 kiwi-desc-saltboot: -...

6.1CVSS6.6AI score0.01132EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2023/08/03 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2023:3144-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.7AI score0.01132EPSS
Exploits0References6
OSV
OSV
added 2023/07/20 9:50 a.m.9 views

SUSE-SU-2023:2917-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: grafana: - Update to version 9.5.5: CVE-2023-3128: Fix authentication bypass using Azure AD OAuth bsc1212641, jscPED-3694 Bug fixes: Auth: Show invite button if disable login form is set to false. Azure: Fix Kusto auto-completion for Azure datasources. RBAC...

9.8CVSS8.5AI score0.04094EPSS
Exploits1References7
OSV
OSV
added 2023/07/20 9:48 a.m.7 views

SUSE-SU-2023:2915-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: grafana: - Update to version 9.5.5: CVE-2023-3128: Fix authentication bypass using Azure AD OAuth bsc1212641, jscPED-3694 Bug fixes: Auth: Show invite button if disable login form is set to false. Azure: Fix Kusto auto-completion for Azure datasources. RBAC...

9.8CVSS8.5AI score0.04094EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2023/07/10 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2023:2794-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.03776EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2023/07/06 9:14 p.m.4 views

org.apache.inlong:manager-client (>=1.4.0 <=1.6.0), org.apache.inlong:manager-client-examples (>=1.4.0 <=1.6.0) +2 more potentially affected by CVE-2023-31058 via org.apache.inlong:manager-common (>=1.4.0 <=1.6.0)

org.apache.inlong:manager-common MAVEN version =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.6.0 Source cves: CVE-2023-31058 Source advisory: OSV:GHSA-C3RH-F2W5-FGHM...

7.5CVSS7.1AI score0.01228EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/06/22 12:0 a.m.36 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : SUSE Manager Client Tools (SUSE-SU-2023:2575-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2575-1 advisory. grafana: - Version update from 8.5.22 to 9.5.1 jscPED-3694: Security fixes: - CVE-2023-1410:...

9.8CVSS6.8AI score0.68603EPSS
Exploits8References38
OpenVAS
OpenVAS
added 2023/06/22 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2023:2578-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.68603EPSS
Exploits9References19
OSV
OSV
added 2023/06/21 11:52 a.m.10 views

SUSE-SU-2023:2579-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: grafana: - Version update from 8.5.22 to 9.5.1 jscPED-3694: Security fixes: - CVE-2023-1410: grafana: Stored XSS in Graphite FunctionDescription tooltip bsc1209645 - CVE-2023-1387: grafana: JWT URL-login flow leaks token to data sources through request...

9.8CVSS8AI score0.68603EPSS
Exploits9References34
OSV
OSV
added 2023/06/21 11:49 a.m.9 views

SUSE-SU-2023:2578-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: bind: - Provide bind dependencies and solve installation issues on SUSE Linux Enterprise Micro - There are no source changes dracut-saltboot: - Update to version 0.1.1681904360.84ef141 Load network configuration even when missing protocol version bsc1210640...

9.8CVSS7.8AI score0.68603EPSS
Exploits9References32
OSV
OSV
added 2023/06/21 11:42 a.m.9 views

SUSE-SU-2023:2575-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: grafana: - Version update from 8.5.22 to 9.5.1 jscPED-3694: Security fixes: - CVE-2023-1410: grafana: Stored XSS in Graphite FunctionDescription tooltip bsc1209645 - CVE-2023-1387: grafana: JWT URL-login flow leaks token to data sources through request...

9.8CVSS7.7AI score0.68603EPSS
Exploits8References25
OpenVAS
OpenVAS
added 2023/05/12 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2023:2183-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.9AI score0.03931EPSS
Exploits1References15
OSV
OSV
added 2023/05/11 4:53 p.m.5 views

SUSE-SU-2023:2183-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: golang-github-prometheus-alertmanager: - Security issues fixed: CVE-2022-46146: Fix authentication bypass via cache poisoning bsc1208051 prometheus-blackboxexporter: - Security issues fixed: CVE-2022-46146: Fix authentication bypass via cache poisoning...

8.8CVSS8.7AI score0.03931EPSS
Exploits1References17
OSV
OSV
added 2023/05/11 4:51 p.m.6 views

SUSE-SU-2023:2182-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: prometheus-blackboxexporter: - Security issues fixed: CVE-2022-46146: Fix authentication bypass via cache poisoning bsc1208062 - Other non-security bugs fixed and changes: Add minversion parameter of tlsconfig to allow enabling TLS 1.0 and 1.1 bsc1209113 On...

8.8CVSS9AI score0.01339EPSS
Exploits1References10
OSV
OSV
added 2023/04/19 3:9 a.m.7 views

SUSE-SU-2023:1903-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: grafana version update from 8.5.20 to 8.5.22: - Security issues fixed: CVE-2023-1410: Fix XSS in Graphite functions tooltip bsc1209645 CVE-2023-0507: Apply attribute sanitation to GeomapPanel bsc1208821 CVE-2023-0594: Avoid storing XSS in TraceView panel...

7.3CVSS6.3AI score0.1546EPSS
Exploits1References7
OSV
OSV
added 2023/04/19 3:8 a.m.6 views

SUSE-SU-2023:1902-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: grafana version update from 8.5.20 to 8.5.22: - Security issues fixed: CVE-2023-1410: Fix XSS in Graphite functions tooltip bsc1209645 CVE-2023-0507: Apply attribute sanitation to GeomapPanel bsc1208821 CVE-2023-0594: Avoid storing XSS in TraceView panel...

7.3CVSS6.3AI score0.1546EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2023:0812-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.2AI score0.04561EPSS
Exploits1References11
OSV
OSV
added 2023/02/10 2:12 p.m.10 views

SUSE-SU-2023:0352-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: grafana: - Update to version 8.5.15 jscPED-2617: CVE-2022-39306: Fix for privilege escalation bsc1205225 CVE-2022-39307: Omit error from http response when user does not exists bsc1205227 - Update to version 8.5.14: CVE-2022-39201: Fix do not forward login...

8.1CVSS6.7AI score0.01228EPSS
Exploits0References18
OSV
OSV
added 2023/01/30 10:11 a.m.16 views

MAL-2023-994 Malicious code in yandex-yt-transfer-manager-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5e8ad10f31088a063adf3ff93799c1850d56418c603e0af2e811977873b7ae6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
Snyk
Snyk
added 2023/01/29 3:29 p.m.2 views

Malicious Package

Overview yandex-yt-transfer-manager-client is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable...

9.8CVSS7.1AI score
Exploits0References3
Rows per page
Query Builder