Lucene search
K

72 matches found

openvas
openvas
added 2021/06/09 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2019:2736-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.0461EPSS
Exploits0References2
nessus
nessus
added 2021/05/18 12:0 a.m.36 views

EulerOS 2.0 SP8 : ceph (EulerOS-SA-2021-1866)

According to the version of the ceph packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr log...

4.4CVSS6.1AI score0.00269EPSS
Exploits0References2
ibm
ibm
added 2021/04/28 6:35 p.m.22 views

Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Rational products based on IBM Jazz technology

Summary Multiple vulnerabilities in WebSphere Application Server traditional and Liberty bundled with IBM Jazz Team Server based Applications affect the following products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM,...

5.3CVSS0.5AI score0.02396EPSS
Exploits0Affected Software7
nessus
nessus
added 2021/04/09 12:0 a.m.55 views

SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2021:1108-1)

This update for ceph fixes the following issues : ceph was updated to to 15.2.9 cephadm: fix 'inspect' and 'pull' bsc1182766 CVE-2020-27839: mgr/dashboard: Use secure cookies to store JWT Token bsc1179997 CVE-2020-25678: Do not add sensitive information in Ceph log files bsc1178905...

5.4CVSS6AI score0.02449EPSS
Exploits0References19
veracode
veracode
added 2021/03/11 10:54 p.m.37 views

Information Disclosure

ceph is vulnerable to information disclosure. The vulnerability exists due to the password stored in mgr logs for gradana and dashboard...

4.4CVSS1.2AI score0.00269EPSS
Exploits0References9Affected Software5
nessus
nessus
added 2021/01/28 12:0 a.m.195 views

Ubuntu 20.04 LTS : Ceph vulnerabilities (USN-4706-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4706-1 advisory. Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly restrict access, resulting in gaining access to unauthorized resources. An...

8.8CVSS7AI score0.01619EPSS
Exploits0References4
prion
prion
added 2021/01/08 6:15 p.m.34 views

Design/Logic Flaw

A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible...

2.1CVSS4.9AI score0.00269EPSS
Exploits0References5Affected Software3
ubuntucve
ubuntucve
added 2021/01/08 6:15 p.m.41 views

CVE-2020-25678

A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible...

4.4CVSS6.7AI score0.00269EPSS
Exploits0References5
cvelist
cvelist
added 2021/01/08 5:59 p.m.30 views

CVE-2020-25678

A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible...

5AI score0.00269EPSS
Exploits0References5
cve
cve
added 2020/06/12 1:14 p.m.50 views

CVE-2020-9647

CVE-2020-9647 affects Adobe Experience Manager versions 6.5 and earlier, with a DOM-based cross-site scripting vulnerability that could lead to arbitrary JavaScript execution in the browser. Connected sources confirm the affected product and the vulnerability class; no exploitation details are pr...

6.1CVSS5.9AI score0.02441EPSS
Exploits0References1Affected Software1
nessus
nessus
added 2019/10/23 12:0 a.m.42 views

SUSE SLED15 / SLES15 Security Update : ceph, ceph-iscsi, ses-manual_en (SUSE-SU-2019:2736-1)

This update for ceph, ceph-iscsi and ses-manualen fixes the following issues : Security issues fixed : CVE-2019-10222: Fixed RGW crash caused by unauthenticated clients. bsc1145093 Non-security issues-fixed: ceph-volume: prints errors to stdout with --format json bsc1132767 mgr/dashboard: Changin...

7.5CVSS7.3AI score0.0461EPSS
Exploits0References25
veeam
veeam
added 2019/04/30 12:0 a.m.25 views

Veeam Management Pack 8.0 Update 6 cumulative patch for Veeam Backup & Replication monitoring

Challenge Veeam Management Pack 8.0 Update 6 cumulative patch for Veeam Backup & Replication monitoring. Cause Veeam Support has received quite enough customer feedback on issues related to MP for Veeam Backup & Replication provided as part of Veeam Management Pack for System Center. For example,...

6.8AI score
Exploits0
ibm
ibm
added 2018/06/17 2:40 p.m.43 views

Security Bulletin: Security Vulnerabilities Addressed in Asset and Service Mgmt

Summary HTTP Response Splitting, Information Disclosure, SQL Injection, Security Bypass, Inadequate/Poor Input Control, Cross Site Scripting, and Gain Privileges vulnerabilities in Maximo Asset Mgmt, Tivoli Asset Mgmt for IT, Tivoli Service Request Mgr, Change and Configuration Mgmt Database, and...

6.5CVSS0.1AI score0.01803EPSS
Exploits0Affected Software12
cnvd
cnvd
added 2018/03/02 12:0 a.m.3 views

RLE Wi-MGR/FDS-Wi Web Server Cross-Site Scripting Vulnerability

RLE Wi-MGR/FDS-Wi is a wireless monitoring device. web server is a web server used in it. A cross-site scripting vulnerability exists in the web server of the RLE Wi-MGR/FDS-Wi version 6.2. A remote attacker can exploit this vulnerability to inject malicious JavaScript code via the device's BACne...

6.1CVSS6.5AI score0.0078EPSS
Exploits1References1
nvd
nvd
added 2018/02/21 1:29 a.m.20 views

CVE-2018-7277

An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP...

6.1CVSS6.3AI score0.0078EPSS
Exploits1References1
prion
prion
added 2018/02/21 1:29 a.m.15 views

Cross site scripting

An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP...

4.3CVSS6.2AI score0.0078EPSS
Exploits1References1Affected Software2
cvelist
cvelist
added 2018/02/21 1:0 a.m.19 views

CVE-2018-7277

An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP...

6.3AI score0.0078EPSS
Exploits1References1
cve
cve
added 2018/02/21 1:0 a.m.32 views

CVE-2018-7277

CVE-2018-7277 affects RLE Wi-MGR/FDS-Wi 6.2 devices. A persistent XSS in the device web server, exploited via the BACnet implementation, allows remote attackers to inject malicious JavaScript. The issue is described as similar to a Cross Protocol Injection with SNMP. No explicit remediation or pa...

6.1CVSS6.2AI score0.0078EPSS
Exploits1References1Affected Software1
prion
prion
added 2017/08/11 7:29 p.m.18 views

Privilege escalation

Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability...

7.5CVSS9.4AI score0.08624EPSS
Exploits0References3Affected Software1
cnvd
cnvd
added 2016/06/02 12:0 a.m.2 views

Weak password vulnerability in the background management system of the website built by Luoyang Chancheng Network Technology Co.

Ltd. built website background management system is a website positioning analysis and recommendations, including website planning layout and structure of a complete set of solutions. There is a weak password vulnerability in the file /mgr/login.php of the background management system of the websi...

6.8AI score
Exploits0
Rows per page
Query Builder