[SECURITY] Fedora 37 Update: redis-7.0.13-1.fc37

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

[SECURITY] Fedora 38 Update: redis-7.0.13-1.fc38

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

[SECURITY] Fedora 39 Update: redis-7.2.1-1.fc39

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

Apache Solr < 8.6.0 Information Disclosure (CVE-2020-13941)

The version of Apache Solr running on the remote host is prior to 8.6.0. It is, therefore, affected by an information disclosure vulnerability. The Replication handler allows commands backup, restore and deleteBackup. Each of these take a location parameter, which was not validated, i.e you could...

Description of the security update for SharePoint Server Subscription Edition: September 12, 2023 (KB5002474)

Description of the security update for SharePoint Server Subscription Edition: September 12, 2023 KB5002474 Summary This security update resolves a Microsoft SharePoint Server elevation of privilege vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and...

Cloud storage security: What’s new in the threat matrix

Today, we announce the release of a second version of the threat matrix for storage services, a structured tool that assists in identifying and analyzing potential security threats on data stored in cloud storage services. The matrix, first released in April 2021 as detailed in the blog post Thre...

Veeam Backup & Replication support for VMware Cloud Director

Purpose This article provides information about compatibility between VMware Cloud Director and Veeam Backup & Replication. Solution The table below provides VMware Cloud Director compatibility information for the most recent version of Veeam Backup & Replication. Older VMware Cloud Director/vClo...

Oracle Linux 8 : mariadb:10.3 (ELSA-2019-3708)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3708 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.6....

Agent Backup Job Fails With "Veeam Backup and Replication version is not compatible with Veeam Agent for Windows"

Challenge After upgrading Veeam Agent for Microsoft Windows , the backup job fails to run and displays the error message: Error: Managed session has failed: Veeam Backup and Replication version is not compatible with Veeam Agent for Windows. Cause This error occurs when the version of Veeam Agent...

JetBrains TeamCity 跨站脚本漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides features such as continuous unit testing, code quality analysis and build issue analysis reports. A cross-site scripting vulnerability exists in JetBrai...

Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability

Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : MySQL vulnerabilities (USN-6288-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6288-1 advisory. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has...

Virtuozzo Hybrid Infrastructure 5.4 Update 3 Hotfix 2 (5.4.3-103)

This update provides important fixes for the core storage and object storage services. Vulnerability id: VSTOR-73165 After updating an expired license, some virtual machines continue to be stuck. Vulnerability id: VSTOR-72936 The MDS service may get overloaded by clients. Vulnerability id:...

SAP Supplier Relationship Management Information Disclosure Vulnerability

SAP Supplier Relationship Management SRM is a supplier relationship management solution from SAP. The product automates purchasing and acquisition processes within an organization and between suppliers, and provides functions such as invoicing. An information disclosure vulnerability exists in SA...

Moderate: Red Hat Security Advisory: VolSync 0.6.3 security fixes and enhancements

VolSync v0.6.3 security fixes and enhancements Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

Moderate: Red Hat Security Advisory: VolSync 0.5.4 security fixes and enhancements

VolSync v0.5.4 security fixes and enhancements Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

CVE-2023-39436

SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an unauthorized attacker to discover information relating to SRM within Vendor Master Data for Business Partners replication functionality.This information could be used to allow the attacker to speciali...

SAP Supplier Relationship Management 信息泄露漏洞

SAP Supplier Relationship Management SRM is a supplier relationship management solution from SAP. The product automates purchasing and acquisition processes within an organization and between suppliers, and provides functions such as invoicing. An information disclosure vulnerability exists in SA...

SSH Connection Failure to Linux Machine Requiring Multiple Sequential AuthenticationMethods

Challenge Connections to a Linux machine fail with the following errors: Authentication was partially successful, but server requires additional authentication with: 'password'. No suitable authentication method is supported. Supported methods: 'password'. Some tasks may not display these errors...

FC-Only Nimble Array Snapshot Failures in Veeam Backup & Replication P20230718

Challenge When using Veeam Backup & Replication 12 P20230718, rescan, backup, and restore operations may fail when the Nimble array is configured to only use Fibre Channel FC protocol. The request could not be understood by the server. Unexpected argument 'multiinitiator'. Solution A private fix ...