Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Dynamics 365 on-premises when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account. A...
OPENSUSE-SU-2020:1376-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: - CVE-2020-14361: Fix XkbSelectEvents integer underflow (bsc1174910, ZDI-CAN-11573). - CVE-2020-14362: Fix XRecordRegisterClients integer underflow (bsc1174913, ZDI-CAN-11574). This update was imported from the SUSE:SLE-15-SP2:Update update...
Remote Code Execution
pomelo-monitor is vulnerable to remote code execution. An attacker could run arbitrary commands on the server due to lack of validation...
CVE-2020-5622
Shadankun Server Security Type excluding normal blocking method types Ver.1.5.3 and earlier allows remote attackers to cause a denial of service which may result in not being able to add newly detected attack source IP addresses as blocking targets for about 10 minutes via a specially crafted...
Design/Logic Flaw
Shadankun Server Security Type excluding normal blocking method types Ver.1.5.3 and earlier allows remote attackers to cause a denial of service which may result in not being able to add newly detected attack source IP addresses as blocking targets for about 10 minutes via a specially crafted...
CVE-2020-5622
CVE-2020-5622 affects Shadankun Server Security Type up to version 1.5.3. The vulnerability describes a denial-of-service condition where, under certain conditions (overlapping internal Rule IDs and highly concurrent attack requests), the system cannot add newly detected attack source IP addresse...
The Life Cycle of a Compromised (Cloud) Server
Trend Micro Research has developed a go-to resource for all things related to cybercriminal underground hosting and infrastructure. Today we released the second in this three-part series of reports which detail the what, how, and why of cybercriminal hosting (see the first part here). As part of th...
SUSE-SU-2020:2401-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: - CVE-2020-14361: Fix XkbSelectEvents integer underflow (bsc1174910, ZDI-CAN-11573). - CVE-2020-14362: Fix XRecordRegisterClients integer underflow (bsc1174913, ZDI-CAN-11574)...
JVN#42665874: "Shadankun Server Security Type" vulnerable to denial-of-service (DoS)
"Shadankun Server Security Type" provided by Cyber Security Cloud, Inc. contains a denial-of-service (DoS) vulnerability. When "Rule id"s assigned by the product's internal script overlap, it would not be able to add newly detected attack source IP addresses as the blocking targets (CWE-703). The...
Basics of Keeping Kubernetes Clusters Secure Part 1
With Kubernetes’ popularity and high adoption rates, its security should always be prioritized. We provide vital tips and recommendations on keeping the master node, the API server, etcd, RBAC, and network policies secure...
Remote Code Execution (RCE)
mysql is vulnerable to remote code execution. The vulnerability exists in the Server Security Privileges through multiple unspecified vulnerabilities...
Arbitrary Code Execution
mysql is vulnerable to arbitrary code execution. The vulnerability exists in server security privileges through multiple unspecified vulnerabilities...
Authorization Bypass
mysql is vulnerable to authorization bypass. The vulnerability exists in server security roles through multiple unspecified vulnerabilities...
Denial Of Service (DoS)
mysql is vulnerable to denial of service (DoS). The vulnerability exists in server security audit through an unspecified vulnerability...
Red Hat CloudForms Path Traversal Vulnerability
Red Hat CloudForms is a hybrid infrastructure management platform from Red Hat, Inc. The platform provides deployment, management, and other capabilities across virtual machines, clouds, containers, and physical infrastructure. A path traversal vulnerability exists in Red Hat CloudForms, which...
CVE-2020-14631
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Audit). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
Cisco Adaptive Security Appliance Directory Traversal (CVE-2020-3452)
A directory traversal vulnerability exists in Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information from the affected server...
CVE-2020-14656
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...
UBUNTU-CVE-2020-14651
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...