39 matches found

GitHub Security Blog
added 2026/05/05 5:20 p.m. · 14 views

ots has a negative expire override that can bypass its secret retention policy

Summary The /api/create endpoint accepted negative expire query values. For the memory storage backend, negative values were passed to secret creation as a negative duration and treated as no expiry, allowing callers to create secrets that persisted longer than intended. Impact Unauthenticated...

5.7 AI score
Exploits 0 · References 4 · Affected Software 1
EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2016-7034

Malware in sbrugna...

8.8 CVSS · 8.8 AI score · 0.00554 EPSS
Exploits 0 · References 3
Veeam
added 2025/01/23 12:0 a.m. · 16 views

SharePoint and OneDrive Items May Not Be Displayed

Article Applicability The solution provided in this article requires Veeam Backup for Microsoft 365 8.1 or higher. The issue discussed in this article only occurs under particular circumstances. Review the Cause section closely. This article is marked as related to Veeam Backup for Microsoft 365 ...

6.8 AI score
Exploits 0 · Affected Software 1
CNVD
added 2024/12/27 12:0 a.m. · 10 views

Dell ECS Buffer Overflow Vulnerability

Dell ECS Elastic Cloud Storage is an enterprise-class cloud-scale object storage platform from Dell Technologies. A buffer overflow vulnerability exists in Dell ECS. The vulnerability is due to an arithmetic overflow in the ECS's retention period processing. An attacker could exploit the...

8.1 CVSS · 9.4 AI score · 0.00388 EPSS
Exploits 0 · References 1
Cvelist
added 2024/12/26 3:53 p.m. · 30 views

CVE-2024-51540

Dell ECS, versions prior to 3.8.1.3 contains an arithmetic overflow vulnerability exists in retention period handling of ECS. An authenticated user with bucket or object-level access and the necessary privileges could potentially exploit this vulnerability to bypass retention policies and delete...

8.1 CVSS · 0.00388 EPSS
Exploits 0 · References 1
CNNVD
added 2024/11/14 12:0 a.m. · 5 views

Harbor Authorization Issue Vulnerability

Harbor is an open source registry from Harbor Open Source. Artifacts are protected through policies and role-based access control to ensure that images are scanned and are not vulnerable, and that images are signed as trusted. Harbor suffers from an authorization issue vulnerability that stems fr...

7.7 CVSS · 6.4 AI score · 0.00531 EPSS
Exploits 0 · References 1
Veeam
added 2024/09/18 12:0 a.m. · 15 views

Release Information for Veeam Backup for Microsoft Azure 7 Cumulative Patches

Requirements Please confirm that you are running version Veeam Backup for Microsoft Azure v7 build 7.0.0.467 or later before upgrading. You can find the currently installed build number Product version in the About section under Configuration | Support Information | Updates. After installing Veea...

7.1 AI score
Exploits 0 · Affected Software 1
Qualys Blog
added 2024/05/16 2:0 p.m. · 36 views

TotalCloud Container Security Best Practices

Qualys Container Security CS, an integral part of TotalCloud 2.0, provides a comprehensive view of the security posture of containerized applications. Operationalizing a new technology tool in an enterprise often presents its own challenges. This blog seeks to help the operations team familiarize...

7.1 AI score
Exploits 0
Positive Technologies
added 2022/09/16 12:0 a.m. · 6 views

PT-2022-20883 · Harbor · Harbor

Name of the Vulnerable Software and Affected Versions: Harbor versions prior to 2.5.2 Description: Harbor fails to validate user permissions when updating tag retention policies. By sending a request to update a tag retention policy with an id that belongs to a project that the currently...

7.7 CVSS · 7 AI score · 0.00531 EPSS
Exploits 0 · References 12
Microsoft KB
added 2022/02/08 8:0 a.m. · 157 views

Description of the security update for SharePoint Server Subscription Edition: February 8, 2022 (KB5002145)

Description of the security update for SharePoint Server Subscription Edition: February 8, 2022 KB5002145 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability, Microsoft SharePoint Server spoofing vulnerability, and Microsoft SharePoint Server...

8.8 CVSS · 8 AI score · 0.16825 EPSS
Exploits 1
OpenVAS
added 2022/01/20 12:0 a.m. · 13 views

Fedora: Security Advisory for btrbk (FEDORA-2022-a66734e7a2)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8 CVSS · 9.6 AI score · 0.03155 EPSS
Exploits 0 · References 2
Fedora
added 2022/01/19 2:12 a.m. · 37 views

[SECURITY] Fedora 35 Update: btrbk-0.31.3-1.fc35

Backup tool for btrfs sub-volumes, using a configuration file, allows creation of backups from multiple sources to multiple destinations, with ssh and flexible retention policy support hourly, daily, weekly, monthly...

9.8 CVSS · 1.4 AI score · 0.03155 EPSS
Exploits 0
Fedora
added 2022/01/19 1:54 a.m. · 29 views

[SECURITY] Fedora 34 Update: btrbk-0.31.3-1.fc34

Backup tool for btrfs sub-volumes, using a configuration file, allows creation of backups from multiple sources to multiple destinations, with ssh and flexible retention policy support hourly, daily, weekly, monthly...

9.8 CVSS · 1.4 AI score · 0.03155 EPSS
Exploits 0
OpenVAS
added 2022/01/19 12:0 a.m. · 12 views

Fedora: Security Advisory for btrbk (FEDORA-2022-dc62389784)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8 CVSS · 9.6 AI score · 0.03155 EPSS
Exploits 0 · References 2
Veeam
added 2021/02/12 12:0 a.m. · 15 views

Veeam Backup for Microsoft 365 retention policy miscalculation causing data loss

Challenge When you have deployed Veeam Backup for Microsoft 365, use snapshot-based retention and storing data on a Jet Database-based repository then your solution might mistakenly remove restore points of Exchange data that are still valid. This applies to versions 5.0 Day 0 Update and earlier...

6.6 AI score
Exploits 0 · Affected Software 1
Imperva Blog
added 2019/03/14 5:45 p.m. · 173 views

How Our Threat Analytics Multi-Region Data Lake on AWS Stores More, Slashes Costs

Data is the lifeblood of digital businesses, and a key competitive advantage. The question is: how can you store your data cost-efficiently, access it quickly, while abiding by privacy laws? At Imperva, we wanted to store our data for long-term access. Databases would’ve cost too much in disk and...

Exploits 0
Qualys Blog
added 2019/01/22 8:6 p.m. · 313 views

Qualys Cloud Platform (VM, PC) 8.16 New Features

This new release of the Qualys Cloud Platform VM, PC, version 8.16, contains several new improvements in Qualys Vulnerability Management and Qualys Policy Compliance, which includes new password security option, increased limit for virtual hosts that can be added to a subscription, added support...

7.6 AI score
Exploits 0
IBM Security Bulletins
added 2018/06/17 12:17 p.m. · 23 views

Security Bulletin: IBM Disposal and Governance Management for IT and IBM Global Retention Policy and Schedule Management vulnerable to cross-site request forgery (CSRF)

Summary The "notice confirmation" functionality in IBM Disposal and Governance Management for IT and IBM Global Retention Policy and Schedule Management, components of IBM Atlas Policy Suite, is impacted by a vulnerability that allows cross-site request forgery. Both products have addressed this...

8.8 CVSS · 0.5 AI score · 0.00554 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2018/06/17 12:17 p.m. · 20 views

Security Bulletin: OpenSource Apache Taglibs Vulnerability affects Atlas Policy Suite (CVE-2015-0254)

Summary Apache Standard Taglibs could allow a remote attacker to execute arbitrary code on the system, caused by an XML External Entity Injection XXE error when processing XML data. Vulnerability Details CVEID: CVE-2015-0254 DESCRIPTION: Apache Standard Taglibs could allow a remote attacker to...

7.5 CVSS · 1.3 AI score · 0.1326 EPSS
Exploits 0 · Affected Software 1
OSV
added 2017/04/05 6:59 p.m. · 3 views

CVE-2016-6100

IBM Disposal and Governance Management for IT and IBM Global Retention Policy and Schedule Management, components of IBM Atlas Policy Suite 6.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that th...

8.8 CVSS · 5.7 AI score · 0.00554 EPSS
Exploits 0 · References 2