PT-2020-8619 · Ingenico · Ingenico Telium 2
Name of the Vulnerable Software and Affected Versions: Ingenico Telium 2 POS terminals versions prior to Telium 2 SDK v9.32.03 patch N Description: The issue concerns undeclared TRACE protocol commands in Ingenico Telium 2 POS terminals. This problem is resolved in Telium 2 SDK v9.32.03 patch N...
GHSA-J5QG-46P9-W2RP Malicious Package in jekyll-for-github-projects
Version 0.2.12 of jekyll-for-github-projects contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment...
openSUSE: Security Advisory for go1.13 (openSUSE-SU-2020:1178-1)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
PXC Release update for April 2020 MySQL security patches | Cloud Foundry
Severity Critical Vendor Cloud Foundry Foundation Description Cloud Foundry Deployment, through its consumption of Percona XtraDB Cluster Release, is vulnerable to various MySQL vulnerabilities patched in the April 2020 Critical Patch Update, including the following high and critical issues:...
Security Bulletin: CVE-2019-2949 may affect IBM® SDK, Java™ Technology Edition
Summary CVE-2019-2949 was disclosed in the Oracle October 2019 Critical Patch Update Vulnerability Details CVEID: CVE-2019-2949 DESCRIPTION: An unspecified vulnerability in Java SE related to the Kerberos component could allow an unauthenticated attacker to obtain sensitive information resulting ...
Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager.
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition v4.1.1 and v4.2, which were disclosed in the Oracle April 2020 Critical Patch Update. Vulnerability Details Refer to the security bulletins listed in...
Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition
Summary Java SE issues disclosed in the Oracle April 2020 Critical Patch Update minus CVE-2020-2773. The fix for CVE-2020-2773 is targeted for a future release and will be covered by an additional bulletin. Vulnerability Details CVEID: CVE-2020-2805 DESCRIPTION: An unspecified vulnerability in Ja...
Security Bulletin: CVE-2020-2654 may affect IBM® SDK, Java™ Technology Edition
Summary CVE-2020-2654 was disclosed as part of the Oracle January 2020 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an unauthenticated attacker to cause a denial of...
MySQL 5.7.x < 5.7.31 Multiple Vulnerabilities (Jul 2020 CPU)
The version of MySQL running on the remote host is 5.7.x prior to and including 5.7.30. It is, therefore, affected by multiple vulnerabilities, as noted in the July 2020 Critical Patch Update advisory: - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer...
MySQL 5.6.x < 5.6.49 Multiple Vulnerabilities (Jul 2020 CPU)
The version of MySQL running on the remote host is 5.6.x prior to and including 5.6.48. It is, therefore, affected by multiple vulnerabilities, including the following, as noted in the July 2020 Critical Patch Update advisory: - A vulnerability in the MySQL Server product of Oracle MySQL componen...
Oracle Critical Patch Update Advisory - July 2020
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be...
Oracle Releases July 2020 Security Bulletin
Oracle has released its Critical Patch Update for July 2020 to address 433 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and...
KLA11866 Multiple vulnerabilities in Oracle Virtualbox
Multiple vulnerabilities were found in Oracle Virtualbox. Malicious users can exploit these vulnerabilities to obtain sensitive information or cause denial of service. Below is a complete list of vulnerabilities: 1. Vulnerability in Core component of Oracle VM VirtualBox can be exploited to obtain...
PT-2020-12522 · Bareos +1 · Bareos Director +1
Name of the Vulnerable Software and Affected Versions: Bareos Director versions prior to 16.2.11 Bareos Director versions prior to 17.2.10 Bareos Director versions prior to 18.2.9 Bareos Director versions prior to 19.2.8 Description: A heap overflow in the Bareos Director allows a malicious clien...
openSUSE: Security Advisory for ntp (openSUSE-SU-2020:0934-1)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
MySQL Security Updates - January 2020 | Cloud Foundry
Severity Medium Vendor Cloud Foundry Foundation Description Cloud Foundry Deployment, through its consumption of Percona XtraDB Cluster Release, is vulnerable to various MySQL vulnerabilities patched in the January 2020 Critical Patch Update, including: CVE-2020-2572 CVE-2020-2577 CVE-2020-2579...
Security Bulletin: CVE-2019-2949 was disclosed in the Oracle October 2019 Critical Patch Update
Summary CVE-2019-2949 was disclosed in the Oracle October 2019 Critical Patch Update. Java is used by Maximo Asset Management, Maximo Asset Management Essentials, Maximo Asset Management for Energy Optimization, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for...
Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Netcool Configuration Manager.
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Netcool Configuration Manager IP Edition v6.4.1 and v6.4.2, which were disclosed in the Oracle January 2020 Critical Patch Update. Vulnerability Details Refer to the security...
Oracle WebLogic Server BadAttributeValueExpException deserialization
Added: 05/27/2020 CVE: CVE-2020-2555 Background Oracle WebLogic Server (formerly BEA WebLogic Server) is a Java web application platform. Problem A Java object deserialization vulnerability in WebLogic allows unauthenticated remote code execution by sending a serialized BadAttributeValueExpExceptio...
Micro Focus Enterprise Server and Enterprise Developer Cross-Site Scripting Vulnerability
Micro Focus Enterprise Server and Micro Focus Enterprise Developer are both products of Micro Focus, a British company. Micro Focus Enterprise Server is an enterprise server. Micro Focus Enterprise Server is an enterprise server that provides a deployment environment for mainframe applications. Mic...