EUVD-2012-0039

Malware in sbrugna...

VulnCheck KEV: CVE-2024-50603

Aviatrix Controllers contain an OS command injection vulnerability that could allow an unauthenticated attacker to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloudtype for listflightpathdestinationinstances, or srccloudtype for flightpathconnectiontest...

Citrix EndPoint Management - Reconfigure your Firebase Cloud Messaging (FCM) in CEM console

As permigration guidance, Google is going to deprecate the FCM legacy APIs for HTTP, which is currently used in our Citrix Endpoint Management CEM FCM implementation. The migration deadline is on June 21, 2024. Customers need to migrate the FCM from legacy FCM API to HTTP v1 API. With the release...

Fedora: Security Advisory for mxparser (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-39951 Instrumentation for AWS SDK v2 captures email content when using Amazon Simple Email Service (SES) v1 API, exposing that content to the telemetry backend

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. OpenTelemetry Java Instrumentation prior to version 1.28.0 contains an issue related to the instrumentation of Java applications using the AWS SDK v2 with Amazon Simple Email...

GHSA-C8W9-83VG-R8VV OpenStack Glance is vulnerable to Exposure of Sensitive Information

The v1 API in OpenStack Glance Essex 2012.1, Folsom 2012.2, and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obtain the operator's backend credentials via a request for a cached image...

OpenStack Glance is vulnerable to Exposure of Sensitive Information

The v1 API in OpenStack Glance Essex 2012.1, Folsom 2012.2, and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obtain the operator's backend credentials via a request for a cached image...

Authorization Bypass

openstack-glance is vulnerable to authorization bypass. A flaw was discovered in the OpenStack Image service where a tenant could manipulate the status of their images by submitting an HTTP PUT request together with an 'x-image-meta-status' header. A malicious tenant could exploit this flaw to...

Ubuntu: Security Advisory (USN-1764-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2012-4573

The v1 API in OpenStack Glance Grizzly, Folsom 2012.2, and Essex 2012.1 allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482...

Ubuntu Update for glance USN-1626-1

Ubuntu Update for Linux kernel vulnerabilities USN-1626-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16261.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for glance USN-1626-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...