14 matches found
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.23 security and extras update
Red Hat OpenShift Container Platform release 4.18.23 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...
Siemens SICAM Q100/Q200
SUMMARY SICAM Q100 and Q200 devices are affected by two information disclosure vulnerabilities that could allow an authenticated local attacker to extract the SMTP account password and use the configured SMTP service for arbitrary purposes. Siemens has released new versions for the affected...
PT-2025-31361 · Lenovo · Lenovo Firmware
Name of the Vulnerable Software and Affected Versions: Lenovo affected versions not specified Description: The issue was identified in Lenovo firmware code and enables unauthorized system access. Recommendations: At the moment, there is no information about a newer version that contains a fix for...
Johnson Controls Inc. Software House C●CURE 9000 (Update B)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Exploitable remotely/Low attack complexity Vendor : Johnson Controls Inc. Equipment : Software House C●CURE 9000 Vulnerability : Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...
Qolsys IQ Panel 4, IQ4 HUB
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION : Low attack complexity Vendor : Qolsys, Inc. Equipment : IQ Panel 4, IQ4 Hub Vulnerability : Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this vulnerability could allow the panel...
Johnson Controls Metasys and Facility Explorer Uncontrolled Resource Consumption (CVE-2023-4486)
Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to versions 11.0.6 and 12.0.4 and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service. This...
Intel PROSet Wireless WiFi Software Advisory - Lenovo Support US
No description provided...
ICSA-20-070-04_Johnson Controls Kantech EntraPass
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Kantech, a subsidiary of Johnson Controls Equipment: EntraPass Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow malicious code...
DUO-PSA-2018-004: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2018-004 Publication Date: 2018-12-18 Revision Date: 2018-12-18 Status: Confirmed, Fixed Document Revision: 1 Overview Duo has identified and fixed an issue with the Duo Access Gateway DAG. This issue could have allowed for data exposure on the...
DUO-PSA-2020-002: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2020-002 Publication Date: 2020-04-28 Revision Date: 2020-04-28 Status: Confirmed, Fixed Document Revision: 1 Overview Duo Engineering has identified and fixed an issue with directory sync for on-premises Microsoft Active Directory, OpenLDAP, and...
DUO-PSA-2017-001: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2017-001 Publication Date: 2017-03-14 Revision Date: 2017-03-14 Status: Confirmed, Fixed Document Revision: 1 Overview Duo has identified and fixed an issue in our cloud service which, under certain configurations, could have enabled attackers wh...
DUO-PSA-2015-001: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2015-001 Original Publication Date: 2015-02-03 Revision Date: 2015-02-10 Status: Confirmed, Fixed Document Revision: 3 Overview Duo Security has identified an issue in certain versions of the Duo Web SDK that could allow attackers to bypass prima...
DUO-PSA-2020-001: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2020-001 Publication Date: 2020-03-19 Revision Date: 2020-03-19 Status: Confirmed, Fixed Document Revision: 1 Overview Duo has identified and fixed an issue with Directory Sync where enrollment emails were sent to users regardless of whether the...
DUO-PSA-2018-001: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2018-001 Publication Date: 2018-03-06 Revision Date: 2018-03-06 Status: Confirmed, Fixed Document Revision: 1 Overview Duo has identified and fixed an issue with our public documentation on the Duo Unix integration. The suggested Pluggable...