openSUSE: Security Advisory for the Linux Kernel (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:3694-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:3631-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:3631-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

SUSE-SU-2024:2850-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2024-27398: Fixed use-after-free bug caused by scosocktimeout bsc1225013. - CVE-2024-35950: drm/client: Fully protect modes with dev-modeconfig.mutex bsc1225310. -...

SUSE SLES15 Security Update : kernel RT (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:2092-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2092-1 advisory. This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed...

SUSE SLES15 Security Update : kernel RT (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:1273-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:1273-1 advisory. This update for the Linux Kernel 5.14.21-1505001335 fixes one issue. The following security issue was fixed: - CVE-2023-52340: Fixed ICMPv6 Packet Too...

CVE-2023-48365

Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Due to improper validation of HTTP headers, a remote attacker is able to elevate their privilege by tunneling HTTP requests, allowing them to execute HTTP requests on the backe...

CVE-2023-41265

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunnelin...

PT-2023-14286 · Servicenow · Servicenow

Name of the Vulnerable Software and Affected Versions: ServiceNow versions Quebec prior to Patch 10 Hot Fix 8b ServiceNow versions Rome prior to Patch 10 Hot Fix 1 ServiceNow versions San Diego prior to Patch 7 ServiceNow versions Tokyo prior to Tokyo Patch 1 ServiceNow versions Utah prior to Uta...

SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP4) (SUSE-SU-2023:2459-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2459-1 advisory. This update for the Linux Kernel 5.14.21-1504002455 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed...

SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP4) (SUSE-SU-2023:2032-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:2032-1 advisory. This update for the Linux Kernel 5.14.21-1504002455 fixes one issue. The following security issue was fixed: - CVE-2023-1652: Fixed use-after-free that...

SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP2) (SUSE-SU-2021:3737-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3737-1 advisory. This update for the Linux Kernel 5.3.18-2449 fixes several issues. The following security issues were fixed: - CVE-2021-3752: Fixed vulnerabili...

SUSE: Security Advisory (SUSE-SU-2017:0247-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2632-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-35123

In Zimbra Collaboration Suite Network Edition versions 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has been fixed in Zimbra Collaboration Suite Network edition 9.0.0 Patch 10 and 8.8.15 Patch 17...

Design/Logic Flaw

In Zimbra Collaboration Suite Network Edition versions 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has been fixed in Zimbra Collaboration Suite Network edition 9.0.0 Patch 10 and 8.8.15 Patch 17...

Zimbra Collaboration Suite ProxyServlet Server Side Request Forgery

Added: 06/06/2019 CVE: CVE-2019-9621 Background Zimbra Collaboration Suite is an email, calendar, and collaboration solution for enterprises. Problem The ProxyServlet component allows a remote attacker to upload arbitrary files, which can then be executed, using XML External Entity injection and...

OnSSI Ocularis Recorder 5.5 < Patch 10 / 5.4 < Patch 19 / 5.3 < Patch 19 Denial of Service (DoS) Vulnerability

The version of OnSSI Ocularis Recorder installed on the remote Windows host is 5.5 prior to Patch 10, 5.4 prior to Patch 19, or 5.3 prior to Patch 19. It is, therefore, affected by a denial of service vulnerability. C Tenable Network Security, Inc. include'compat.inc'; if description...

Security Bulletin: IBM QRadar SIEM is vulnerable to shell command injection vulnerability in the admin panel. (CVE-2015-4930, CVE-2015-2016 )

Summary IBM QRadar SIEM is vulnerable to a shell command injection the in admin panel if logged in as an admin user. Vulnerability Details CVE-ID: CVE-2015-4930 Description: IBM QRadar could allow a user authenticated with admin access, to execute commands on the server as root. CVSS Base Score:8...

CVE-2015-7610

Cross-site request forgery CSRF vulnerability in the login form in Zimbra Collaboration Suite aka ZCS before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging failure to use a CSRF...