PT-2021-6437 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.36 and prior MySQL Server versions 8.0.27 and prior Description: The issue is related to errors in resource release in the MySQL Server product, specifically in the Server: Replication component. It allows a...

PT-2021-6984 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.37 and prior MySQL Server versions 8.0.28 and prior Description: The issue is related to insufficient input validation in the Server: Group Replication Plugin component of MySQL Server. This allows an attacker with...

CVE-2021-37842

metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of Sensitive Information. Remote Cluster XDCR credentials can get leaked in debug logs. Config key tombstone purging was added in Couchbase Server 7.0.0. This issue happens when a config key, which is being logged, has a tombstone purger...

Couchbase Server 安全漏洞

Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. Couchbase Server has a security vulnerability that originates from improper design or implementation during code...

Replication job fails with "Cannot replicate disk because its capacity was reduced"

Challenge After a VM's disks have been resized to be smaller, the Replication job within Veeam Backup & Replication fails with the following error: Processing Error: Cannot replicate disk Datastore vmfolder/vmname.vmdk because its capacity was reduced Copy Cause This error occurs when Veeam Backu...

Fedora: Security Advisory for redis (FEDORA-2021-aa94492a09)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: redis-6.2.6-1.fc35

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

How we took part in MLSEC and (almost) won

This summer Kaspersky experts took part in the Machine Learning Security Evasion Competition MLSEC — a series of trials testing contestants ability to create and attack machine learning models. The event is comprised of two main challenges — one for attackers, and the other for defenders. The...

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

CVE-2021-41308

Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...

Improper access control

Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...

CVE-2021-41308

CVE-2021-41308 affects Atlassian Jira Server/Data Center where authenticated non-administrators can edit File Replication settings via Broken Access Control on ReplicationSettings!default.jspa. Affected: Jira versions before 8.6.0; 8.7.0 before 8.13.12; 8.14.0 before 8.20.1. Connected documents c...

CVE-2021-41308

Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...

CVE-2021-41308

Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...

PT-2021-23262 · Atlassian · Jira

Name of the Vulnerable Software and Affected Versions: Atlassian Jira Server and Data Center versions prior to 8.6.0 Atlassian Jira Server and Data Center versions 8.7.0 through 8.13.12 Atlassian Jira Server and Data Center versions 8.14.0 through 8.20.1 Description: The issue allows authenticate...

Atlassian Jira 安全漏洞

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. A security vulnerability exists in Atlassian Jira that originates in the Atlassian Jira server and data center that allows remot...

Non-administrators can edit the File Replication settings - CVE-2021-41308

Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...

Non-administrators can edit the File Replication settings - CVE-2021-41308

Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...

Fedora: Security Advisory for redis (FEDORA-2021-8913c7900c)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for redis (FEDORA-2021-61c487f241)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...