EUVD-2017-0146

Malware in sbrugna...

nodejs:20 security update

nodejs 1:20.19.2-1 - Update to version 20.19.2 Fixes: CVE-2025-23166 Resolves: RHEL-91595 RHEL-89598 RHEL-92854 1:20.19.1-1 - Update to version 20.19.1 Resolves: RHEL-78763 1:20.18.2-4 - Update c-ares to 1.34.5 to address CVE-2025-31498 1:20.18.2-3 - Remove obsolete lua pretransaction script from...

GHSA-8QFC-CVJP-MGPQ Moderate severity vulnerability that affects org.apache.ignite:ignite-core

Apache Ignite before 1.9 allows man-in-the-middle attackers to read arbitrary files via XXE in modified update-notifier documents...

GHSA-8P83-68CW-943F Apache Ignite communicates to an external PHP server where sensitive information is sent

Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server http://ignite.run where it needs to send...

Apache Ignite communicates to an external PHP server where sensitive information is sent

Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server http://ignite.run where it needs to send...

Information disclosure

Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server http://ignite.run where it needs to send...

CVE-2017-7686

Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server http://ignite.run where it needs to send...

CVE-2017-7686

Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server http://ignite.run where it needs to send...

PYSEC-2017-146

Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server http://ignite.run where it needs to send...

PYSEC-2017-146

Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server http://ignite.run where it needs to send...

CVE-2017-7686

Apache Ignite versions 1.0.0-RC3 through 2.0 are affected by an information disclosure vulnerability stemming from an update notifier that communicates to an external PHP server (ignite.run) and transmits system properties (e.g., Ignite/Java version) that may contain user‑sensitive information. I...

CVE-2017-7686

Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server http://ignite.run where it needs to send...

Information Disclosure

Apache Ignite is vulnerable to information disclosure. The library contains an update notifier component to notify users about new project releases. This component sends sensitive information to an external PHP server http://ignite.run that a malicious user can observe to obtain sensitive data...

Apache Ignite Information Disclosure and XML External Entity Injection Vulnerabilities

Ignite is the in-memory computing platform. Apache Ignite suffers from an information disclosure and XML external entity injection vulnerability, which can be exploited by an attacker to modify the update-notifier document and read arbitrary files via an XXE attack...

External XML Entity (XXE) Attacks

ignite-core is vulnerable external XML entity XXE attacks. The update notifier component sends sensitive system data over an unsecured HTTP connection. Since TLS is not used man-in-the-middle MitM attacks also possible. Attackers can alter the response coming from the server the information is se...

Code injection

Apache Ignite before 1.9 allows man-in-the-middle attackers to read arbitrary files via XXE in modified update-notifier documents...

CVE-2016-6805

Apache Ignite before 1.9 allows man-in-the-middle attackers to read arbitrary files via XXE in modified update-notifier documents...

Ubuntu: Security Advisory (USN-1284-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for update-manager USN-1284-2

Ubuntu Update for Linux kernel vulnerabilities USN-1284-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN12842.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for update-manager USN-1284-2 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.n...

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : update-manager regression (USN-1284-2)

USN-1284-1 fixed vulnerabilities in Update Manager. One of the fixes introduced a regression for Kubuntu users attempting to upgrade to a newer Ubuntu release. This update fixes the problem. We apologize for the inconvenience. David Black discovered that Update Manager incorrectly extracted the...