72 matches found
SUSE: Security Advisory (SUSE-SU-2019:2736-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : ceph (EulerOS-SA-2021-1866)
According to the version of the ceph packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr log...
Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Rational products based on IBM Jazz technology
Summary Multiple vulnerabilities in WebSphere Application Server traditional and Liberty bundled with IBM Jazz Team Server based Applications affect the following products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM,...
SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2021:1108-1)
This update for ceph fixes the following issues : ceph was updated to to 15.2.9 cephadm: fix 'inspect' and 'pull' bsc1182766 CVE-2020-27839: mgr/dashboard: Use secure cookies to store JWT Token bsc1179997 CVE-2020-25678: Do not add sensitive information in Ceph log files bsc1178905...
Information Disclosure
ceph is vulnerable to information disclosure. The vulnerability exists due to the password stored in mgr logs for gradana and dashboard...
Ubuntu 20.04 LTS : Ceph vulnerabilities (USN-4706-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4706-1 advisory. Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly restrict access, resulting in gaining access to unauthorized resources. An...
Design/Logic Flaw
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible...
CVE-2020-25678
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible...
CVE-2020-25678
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible...
CVE-2020-9647
CVE-2020-9647 affects Adobe Experience Manager versions 6.5 and earlier, with a DOM-based cross-site scripting vulnerability that could lead to arbitrary JavaScript execution in the browser. Connected sources confirm the affected product and the vulnerability class; no exploitation details are pr...
SUSE SLED15 / SLES15 Security Update : ceph, ceph-iscsi, ses-manual_en (SUSE-SU-2019:2736-1)
This update for ceph, ceph-iscsi and ses-manualen fixes the following issues : Security issues fixed : CVE-2019-10222: Fixed RGW crash caused by unauthenticated clients. bsc1145093 Non-security issues-fixed: ceph-volume: prints errors to stdout with --format json bsc1132767 mgr/dashboard: Changin...
Veeam Management Pack 8.0 Update 6 cumulative patch for Veeam Backup & Replication monitoring
Challenge Veeam Management Pack 8.0 Update 6 cumulative patch for Veeam Backup & Replication monitoring. Cause Veeam Support has received quite enough customer feedback on issues related to MP for Veeam Backup & Replication provided as part of Veeam Management Pack for System Center. For example,...
Security Bulletin: Security Vulnerabilities Addressed in Asset and Service Mgmt
Summary HTTP Response Splitting, Information Disclosure, SQL Injection, Security Bypass, Inadequate/Poor Input Control, Cross Site Scripting, and Gain Privileges vulnerabilities in Maximo Asset Mgmt, Tivoli Asset Mgmt for IT, Tivoli Service Request Mgr, Change and Configuration Mgmt Database, and...
RLE Wi-MGR/FDS-Wi Web Server Cross-Site Scripting Vulnerability
RLE Wi-MGR/FDS-Wi is a wireless monitoring device. web server is a web server used in it. A cross-site scripting vulnerability exists in the web server of the RLE Wi-MGR/FDS-Wi version 6.2. A remote attacker can exploit this vulnerability to inject malicious JavaScript code via the device's BACne...
CVE-2018-7277
An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP...
Cross site scripting
An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP...
CVE-2018-7277
An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP...
CVE-2018-7277
CVE-2018-7277 affects RLE Wi-MGR/FDS-Wi 6.2 devices. A persistent XSS in the device web server, exploited via the BACnet implementation, allows remote attackers to inject malicious JavaScript. The issue is described as similar to a Cross Protocol Injection with SNMP. No explicit remediation or pa...
Privilege escalation
Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability...
Weak password vulnerability in the background management system of the website built by Luoyang Chancheng Network Technology Co.
Ltd. built website background management system is a website positioning analysis and recommendations, including website planning layout and structure of a complete set of solutions. There is a weak password vulnerability in the file /mgr/login.php of the background management system of the websi...