HPE XP P9000 Command View Advanced Edition Software Open URL Redirection Vulnerability

HPE XP P9000 Command View Advanced Edition Software is a full-featured device manager for HPE XP P9500 and XP disk array products. An open URL redirection vulnerability exists in DevMgr, TSMgr, and RepMgr in HPE XP P9000 Command View Advanced Edition Software CVAE 7.0.0-00 - 8.60-00 excluding...

CVE-2018-7090

HPE XP P9000 Command View Advanced Edition Software CVAE has local and remote cross site scripting vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr...

Oracle MySQL Server Component Denial of Service Vulnerability (CNVD-2019-07346)

Oracle MySQL is an open source relational database management system from Oracle. The database system is characterized by high performance, low cost, good reliability, etc. MySQL Server is one of the server components. A security vulnerability exists in the Server: Replication subcomponent of the...

CVE-2018-1288

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss...

Apache Kafka Security Bypass Vulnerability

Apache Kafka is an open source distributed streaming platform developed by the Apache Apache Software Foundation in the United States. The platform is capable of acquiring real-time data for building applications that react in real time to changes in the data stream. A security bypass vulnerabili...

Data Loss

Apache Kafka is vulnerable to data loss. An authenticated malicious user can send a fetch request during data replication to perform Broker reserved actions, causing data to be lost...

Design/Logic Flaw

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss...

CVE-2018-1288

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss...

CVE-2018-1288

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss...

CVE-2018-1288

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss...

Oracle Re-Patches Decade-Old Solaris Bug

Oracle has issued three fixes for a critical Solaris vulnerability that could allow kernel-level privilege escalation. Impacted are the Solaris 10 and 11.3 operating environments. Sun Microsystems now owned by Oracle originally patched the vulnerability in 2009. But, a “re-fix” is now required,...

Unable to join second StoreFront server after upgrade, with error "Error getting replication keys"

Follow are the symptoms: 1 StoreFront join operation fails with following error: 2 If we enable Audit for logon failure and success, you will observer following event on the Joiner: Log Name: Security Source: Microsoft-Windows-Security-Auditing Date: XXXXXXXXXXXXXXXXXXX Event ID: 4625 Task...

CVE-2018-3067

CVE-2018-3067 pertains to Oracle MySQL Server, specifically the Server: Replication subcomponent. The vulnerability affects MySQL 8.0.11 and earlier and can be exploited by a highly privileged attacker with network access via multiple protocols, potentially causing a hang or a frequently occurrin...

IBM InfoSphere Data Replication Dashboard Path Traversal Vulnerability

IBM InfoSphere Data Replication Dashboard is a data synchronization solution from IBM USA. The solution enables log-based data change capture through real-time replication and provides features such as trusted data integration and synchronization. A directory traversal vulnerability exists in IBM...

IBM InfoSphere Data Replication Dashboard Cross-Site Scripting Vulnerability

IBM InfoSphere Data Replication Dashboard is a data synchronization solution from IBM USA. The solution enables log-based data change capture through real-time replication and provides features such as trusted data integration and synchronization. A cross-site scripting vulnerability exists in IB...

IBM InfoSphere Data Replication Dashboard SQL Injection Vulnerability

IBM InfoSphere Data Replication Dashboard is a data synchronization solution from IBM USA. The solution enables log-based data change capture through real-time replication and provides features such as trusted data integration and synchronization. A SQL injection vulnerability exists in IBM...

RHEL 7 : Red Hat Ceph Storage 3.0 (RHSA-2018:2177)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2177 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system...

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 3.0 security and bug fix update

An update for ceph is now available for Red Hat Ceph Storage 3.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 84115...

Directory traversal

Directory traversal vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to read arbitrary files via unspecified vectors. IBM X-Force ID: 84127...