6 matches found
Debezium UI 2.5 Credential Disclosure
Exploit Title: Debezium UI - Credential Leakage Google Dork: N/A Date: 2024-03-11 Exploit Author: Ihsan Cetin, Hamza Kaya Toprak Vendor Homepage: https://debezium.io/ Software Link: N/A Version: 2.5 REQUIRED Tested on: N/A CVE : CVE-2024-28736 Proof of concept: Details Debezium-ui version 2.5 is...
Important: Red Hat Security Advisory: RHACS 3.68 security update
Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes RHACS. The updated image includes bug and security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which giv...
bouncycastle: TLS CBC padding timing attack
It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle...
Medium: gnutls
Issue Overview: It was discovered that GnuTLS leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding...
Important: java-1.6.0-openjdk
Issue Overview: An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. CVE-2013-1486 It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protoc...
RedHat Update for openssl RHSA-2012:0059-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...