IBM WebSphere HCL Digital Experience - Server-Side Request Forgery
IBM WebSphere HCL Digital Experience is vulnerable to server-side request forgery that impacts on-premise deployments and containers. id: CVE-2021-27748 info: name: IBM WebSphere HCL Digital Experience - Server-Side Request Forgery author: pdteam severity: high description: | IBM WebSphere HCL...
EUVD-2021-21073
Malware in sbrugna...
EUVD-2021-7093
Malicious code in bioql PyPI...
On-Premise vs SaaS Data Annotation Platforms Compared
Choosing a data annotation platform? Learn when to use SaaS or on premise based on speed, cost, data privacy, and project scope...
CVE-2024-11186 On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-prem
On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.16.23 bug fix and security update
Red Hat OpenShift Container Platform release 4.16.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...
CVE-2024-9100
Zohocorp ManageEngine Analytics Plus versions before 5410 and Zoho Analytics On-Premise versions before 5410 are vulnerable to Path traversal...
CVE-2024-9100
CVE-2024-9100 affects Zohocorp ManageEngine Analytics Plus prior to 5410 and Zoho Analytics On-Premise prior to 5410. The issue is a Path Traversal vulnerability. Public details confirm the affected versions and the underlying vulnerability class; no exploitation details are provided in the docum...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.37 bug fix and security update
Red Hat OpenShift Container Platform release 4.14.37 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...
Exploit for Observable Discrepancy in 42Gears Suremdm
CVE-2023-3897 Username enumeration is possible through Bypassi...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.13.46 security update
Red Hat OpenShift Container Platform release 4.13.46 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.58 CNF vRAN extras security update
An update for ztp-site-generate-container, topology-aware-lifecycle-manager and bare-metal-event-relay is now available for Red Hat OpenShift Container Platform 4.12. This release includes a security update for CVE-2023-30841 topology-aware-lifecycle-manager-operator-container: baremetal-operator...
Kiuwan Local Analyzer / SAST / SaaS XML Injection / XSS / IDOR
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities product: Kiuwan SAST on-premise KOP & cloud/SaaS Kiuwan Local Analyzer KLA vulnerable version: Kiuwan SAST 2.8.2402.3 Kiuwan Local...
CVE-2024-4177 Host whitelist parser issue in GravityZone Console On-Premise (VA-11554)
A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-2 that are running only on premise...
Important: Red Hat Security Advisory: AMQ Broker 7.12.0.OPR.1.GA Container Images release and security update
This is the multiarch release of the AMQ Broker 7.12.0 aligned Operator and associated container images on Red Hat Enterprise Linux 8 for the OpenShift Container Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syste...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.56 security update
Red Hat OpenShift Container Platform release 4.12.56 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.35 security update
Red Hat OpenShift Container Platform release 4.13.35 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whi...
Update now! ConnectWise ScreenConnect vulnerability needs your attention
ConnectWise is warning self-hosted and on-premise customers that they need to take immediate action to remediate a critical vulnerability in its ScreenConnect remote desktop software. This software is typically used in data-centers and for remote assistance. Together ConnectWise’s partners manage...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.13 security update
Red Hat OpenShift Container Platform release 4.14.13 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...
SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration
Exploit Title: SureMDM On-premise 6.31 - CAPTCHA Bypass User Enumeration Date: 05/12/2023 Exploit Author: Jonas Benjamin Friedli Vendor Homepage: https://www.42gears.com/products/mobile-device-management/ Version: = 6.31 Tested on: 6.31 CVE : CVE-2023-3897 import requests import sys def printhelp...