Lucene search
K

595 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-3447

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well...

5.5CVSS7AI score0.00333EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:55 a.m.10 views

CVE-2024-28161

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

5.3CVSS6.7AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:7 a.m.5 views

CVE-2024-6727

A flaw in versions of Delphix Data Control Tower DCT prior to 19.0.0 results in broken authentication through the enable-scale-testing functionality of the application...

5.4CVSS6.8AI score0.00309EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:59 p.m.5 views

CVE-2021-20140

An unauthenticated command injection vulnerability exists in the parameters of operation 10 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.8CVSS8.1AI score0.03984EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:58 p.m.2 views

CVE-2021-20139

An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to...

8.8CVSS8.1AI score0.03984EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:31 p.m.3 views

CVE-2021-20142

An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.8CVSS8.1AI score0.03709EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:30 p.m.3 views

CVE-2021-20138

An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon Tower router’s web interface at /cgi-bin/luci/rc. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to th...

8.8CVSS8.2AI score0.03702EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:6 p.m.6 views

CVE-2021-20143

An unauthenticated command injection vulnerability exists in the parameters of operation 48 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.8CVSS8AI score0.03709EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:6 p.m.6 views

CVE-2021-20144

An unauthenticated command injection vulnerability exists in the parameters of operation 49 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.8CVSS8AI score0.03709EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:6 p.m.7 views

CVE-2021-20145

Gryphon Tower routers contain an unprotected openvpn configuration file which can grant attackers access to the Gryphon homebound VPN network which exposes the LAN interfaces of other users' devices connected to the same service. An attacker could leverage this to make configuration changes to, o...

7.5CVSS6.9AI score0.01242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:16 p.m.5 views

CVE-2021-20141

An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.8CVSS8AI score0.03709EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:16 p.m.6 views

CVE-2021-20137

A reflected cross-site scripting vulnerability exists in the url parameter of the /cgi-bin/luci/siteaccess/ page on the Gryphon Tower router's web interface. An attacker could exploit this issue by tricking a user into following a specially crafted link, granting the attacker javascript execution...

6.1CVSS6.1AI score0.02557EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:15 a.m.10 views

CVE-2019-10312

A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptordoFillTowerCredentialsIdItems method allowed attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS6.4AI score0.01361EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:14 a.m.8 views

CVE-2019-10311

A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptordoTestTowerConnection form validation method allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

8.8CVSS6.4AI score0.01832EPSS
Exploits0References1
OSV
OSV
added 2025/02/14 12:13 p.m.3 views

OESA-2025-1125 ansible security update

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

7.5CVSS7.2AI score0.00859EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.6 views

Fedora 41 : rust-hyper-rustls / rust-reqwest / rust-rustls-native-certs / etc (2024-347164df1c)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-347164df1c advisory. - Update the hyper-rustls crate to version 0.27.3. - Update the reqwest crate to version 0.12.8. - Update the rustls-native-certs crate to version 0.8.0 and...

6.9CVSS5.2AI score0.00622EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/10/21 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2024-bf524bf5c0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2024/10/19 1:54 a.m.10 views

[SECURITY] Fedora 40 Update: rust-tower0.4-0.4.13-1.fc40

Tower is a library of modular and reusable components for building robust clients and servers...

7.4AI score
Exploits0
Fedora
Fedora
added 2024/10/19 1:54 a.m.10 views

[SECURITY] Fedora 40 Update: rust-tower-http0.5-0.5.2-1.fc40

Tower middleware and utilities for HTTP clients and servers...

7.4AI score
Exploits0
Fedora
Fedora
added 2024/10/19 1:54 a.m.11 views

[SECURITY] Fedora 40 Update: rust-tower-http-0.6.1-1.fc40

Tower middleware and utilities for HTTP clients and servers...

7.4AI score
Exploits0
Rows per page
Query Builder