5 matches found
Security Bulletin: IBM Storage Ceph is vulnerable to Allocation of Resources Without Limits or Throttling in Grafana (CVE-2023-45290)
Summary Grafana is used by IBM Storage Ceph as a metrics dashboard. CVE-2023-45290 This bulletin identifies the steps to take to address the vulnerability in Grafana. Vulnerability Details CVEID:CVE-2023-45290 DESCRIPTION: When parsing a multipart form either explicitly with...
PT-2023-29153 · WordPress · Gopi Ramasamy Tiny Carousel Horizontal Slider
Name of the Vulnerable Software and Affected Versions: Gopi Ramasamy Tiny Carousel Horizontal Slider plugin versions = 8.1 Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin or higher privileges can inject...
Cryptography API: Next Generation (CNG) vulnerable to denial-of-service (DoS)
Overview Cryptography API: Next Generation CNG contains an issue in BCryptDecrypt, which may result in a denial-of-service DoS. ASHINO, Yuki of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...
Tiki Wiki CMS Groupware Cross Site Scripting
Advisory: Tiki Wiki CMS Groupware Multiple XSS vulnerabilities Advisory ID: INFOSERVE-ADV2011-01 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on Tiki 7.2 & 8.0 RC1 Vendor URL: http://info.tiki.org/ Vendor Status: fixed for Tiki 7 New Tiki 6 LTS...
PT-2008-3573 · Cisco · Cisco Pix Security Appliance +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA and Cisco PIX security appliance versions 8.0.x through 8.038 Cisco Adaptive Security Appliance ASA and Cisco PIX security appliance versions 8.1.x through 8.110 Description: The issue allows remote...