CVE-2024-52518 Nextcloud Server is missing password confirmation when changing external storage options

Nextcloud Server is a self hosted personal cloud system. After an attacker got access to the session of a user or administrator, the attacker would be able to create, change or delete external storages without having to confirm the password. It is recommended that the Nextcloud Server is upgraded...

OESA-2024-2148 fence-agents security update

A collection of executables to handle isolation "fencing" of possibly misbehaving hosts by the means of remote power management, blocking network, storage, or similar. They operate through a unified interface calling conventions devised for the original Red Hat clustering solution. Security Fixes...

Security Bulletin: IBM Systems Director Storage Control is affected by vulnerabilities in IBM Java SDK (CVE-2014-0453, CVE-2013-5772, CVE-2013-5803, CVE-2013-5372, CVE-2013-5780, CVE-2013-0169, CVE-2013-4002)

Summary IBM Systems Director Storage Control contains a version of IBM Java SDK that contained the vulnerabilities listed above. Vulnerability Details Abstract IBM Systems Director Storage Control contains a version of IBM Java SDK that contained the vulnerabilities listed above. Content...

Security Bulletin: IBM Systems Director Storage Control is affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076)

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details Abstract Security Bulletin: IBM Systems Director Storage Control is affected by vulnerabilities in OpenSSL CVE-2014-0160 and CVE-2014-0076 Content Vulnerability Details: CVE-ID : CVE-2014-0160 Description :...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK 7 affect IBM Systems Director Storage Control

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 that is used by IBM Systems Director Storage Control. These issues were disclosed as part of the IBM Java SDK updates in April 2015. Vulnerability Details Summary There are multiple vulnerabilities in IBM SDK...

Security Bulletin: SSLv3 Vulnerability and multiple vulnerabilities in OpenSSL and IBM Java SDK affect IBM Systems Director Storage Control.

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition that is used by IBM Systems Director Storage Control. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These vulnerabilities were disclosed as par...

Security Bulletin: GNU C library (glibc) vulnerability affects IBM Systems Director Storage Control (CVE-2015-0235)

Summary GNU C library glibc vulnerability that has been referred to as GHOST affects IBM Systems Director Storage Control. Vulnerability Details Abstract GNU C library glibc vulnerability that has been referred to as GHOST affects IBM Systems Director Storage Control. Vulnerability Details: CVE-I...

Security Bulletin: IBM Systems Director (ISD) Storage Control is affected by vulnerabilities in IBM Websphere Application Server (WAS), OpenSSL and IBM Java Runtime

Summary There are vulnerabilities addressed in IBM WAS, IBM Runtime Environment Java™Technology Edition, and OpenSSL that are used by ISD Storage Control. The Java issues were disclosed as part of the IBM Java updates for October 2017. Vulnerability Details CVEID: CVE-2017-10356 DESCRIPTION: An...

Security Bulletin: IBM Systems Director (ISD) Storage Control is affected by vulnerabilities in IBM Java Runtime.

Summary There are vulnerabilities addressed in IBM Runtime Environment Java™Technology Edition that is used by ISD Storage Control. The Java issues were disclosed as part of the IBM Java updates for July 2017. Vulnerability Details CVEID: CVE-2017-10198 DESCRIPTION: An unspecified vulnerability i...

Security Bulletin: IBM Systems Director (ISD) Storage Control is affected by vulnerabilities in IBM Websphere Application Server (WAS), OpenSSL and IBM Java Runtime.

Summary There are vulnerabilities addressed in IBM WAS, IBM Runtime Environment Java™Technology Edition, and OpenSSL that are used by ISD Storage Control. The Java issues were disclosed as part of the IBM Java updates for January 2017. Vulnerability Details CVEID: CVE-2016-2183 DESCRIPTION: OpenS...

Security Bulletin: IBM Systems Director Storage Control is affected by multiple IBM Websphere Application Server (WAS) vulnerabilities (CVE-2016-3092, CVE-2016-5986, CVE-2016-5983)

Summary There are multiple vulnerabilities identified in IBM Websphere Application Server WAS that is embedded in IBM Systems Director Storage Control. This update addresses these issues. Vulnerability Details CVEID: CVE-2016-5983 DESCRIPTION: IBM WebSphere Application Server could allow remote...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affects IBM Systems Director Storage Control

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Technology Edition, Version 6 that is used by IBM Systems Director Storage Control. These issues was disclosed as part of the IBM Java updates for January 2016, July 2016 and October 2016. Vulnerability Details CVEID:...

Security Bulletin: A security vulnerability in IBM Java Runtime affects IBM Systems Director Storage Control ( CVE-2015-4872)

Summary There is a security vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 5 that is used by IBM Systems Director Storage Control. This issue was disclosed as part of the IBM Java updates for October 2015. Vulnerability Details CVEID: CVE-2015-4872 DESCRIPTION: An...

Star Queen Aliyun OSS credentials have information leakage vulnerability

Star Queen APP is a social platform based on beauty and beautification manicure plastic surgery and bodybuilding and other industries. AliCloud Object Storage Service OSS is a massive, secure and highly reliable cloud storage service provided by AliCloud. After the star AliCloud OSS credentials...

Yuanbei Driving Exam Baidu Cloud BOS has credential leakage vulnerability

Yuanbei Driving Test is an internet and mobile internet product developed by Nanjing Yuanbei Information Technology Co. Ltd. specifically for driving beginners. Baidu cloud bos is a cloud storage service based on Baidu cloud system. A credential leakage vulnerability exists in Baidu Cloud bos of...

National Security Community App aliyun oss credentials have information leakage vulnerability

Aliyun Object Storage Service OSS is a massive, secure and highly reliable cloud storage service provided by Aliyun. National Security Community aliyun oss credentials have an information leakage vulnerability. When using this SDK, accessKeyId and accessKeySecret, endpoint are built into the mobi...