MiracleLinux 7 : keycloak-httpd-client-install-0.8-1.el7 (AXSA:2019-4175:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4175:01 advisory. keycloak-httpd-client-install: unsafe /tmp log file in --log-file option in keycloakcli.py CVE-2017-15111 keycloak-httpd-client-install: unsafe use ...

CVE-2016-15049

Nagios Log Server versions prior to 1.4.2 are vulnerable to cross-site scripting XSS in the Dashboards section when rendering log entries in the Logs table. Untrusted log content was not safely encoded for the output context, allowing attacker-controlled data present in logs to execute script in...

Logpoint SIEM Cross-Site Scripting Vulnerability

Logpoint SIEM is a Security Information and Event Management SIEM solution from Logpoint. A cross-site scripting vulnerability exists in Logpoint SIEM versions v6.1.0d through 7.3.0, which stems from a Jinja template that fails to properly review displayed log data.A remote attacker can construct...

RHEL 7 : keycloak-httpd-client-install (RHSA-2019:2137)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2137 advisory. The keycloak-httpd-client-install packages provide various libraries and tools that can automate and simplify the configuration of Apache...