sensu: Password exposure in warn level log when configured for multiple rabbitMQ connections
Sensu's redaction function fails to handle the redaction of sensitive data in deeply nested data structures, resulting in sensitive data, such as passwords, being logged in clear-text...
HTTP Client in JIRA does not accept RFC6265 compliant date format in "Expires" cookie header
When using AWS Application Load Balancer, the following WARN log messages are shown in the logs, as JIRA does not understand the "Expires" header used for sticky sessions. code:java 2017-09-27 01:44:47,292 HealthCheck:thread-7 WARN o.a.h.client.protocol.ResponseProcessCookies Invalid cookie heade...
Design/Logic Flaw
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a...
CVE-2015-8552
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a...
NINA - Die Warn-App des BBK - Customized SSL, MIT license vulnerabilities
HackApp vulnerability scanner discovered that application NINA - Die Warn-App des BBK published at the 'play' market has multiple vulnerabilities...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2854-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2854-1 advisory. Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the...
WordPress cookie forgery vulnerability detailed analysis and exp-vulnerability warning-the black bar safety net
0x00 Preface: This article analyzes the cookie forgery vulnerability fixed in the WordPress 3.8.2 update, CVE-2014-0166, and gives a corresponding exp. According to the description, WordPress before 3.7.2 and 3.8.x before 3.8.2 are affected. A local installation of...
Fedora 15 : viewvc-1.1.11-1.fc15 (2011-7185)
security fix: remove user-reachable override of cvsdb row limit - fix broken standalone.py -c and -d options handling - add --help option to standalone.py - fix stack trace when asked to checkout a directory issue 478 - improve memory usage and speed of revision log markup issue 477 - fix broken...
Fedora 13 : viewvc-1.1.11-1.fc13 (2011-7198)
security fix: remove user-reachable override of cvsdb row limit - fix broken standalone.py -c and -d options handling - add --help option to standalone.py - fix stack trace when asked to checkout a directory issue 478 - improve memory usage and speed of revision log markup issue 477 - fix broken...
Fedora 9 : rkhunter-1.3.2-5.fc9 (2008-8314)
Wed Sep 3 2008 Kevin Fenzi - 1.3.2-5 - Patch debug tmp file issue - bug 460628 - Mon Jun 16 2008 Kevin Fenzi - 1.3.2-4 - Fix cron script to only mail on warn/error - bug 450703 - Fix conditional to account for fc10 rsyslog - Mon Apr 28 2008 Kevin Fenzi - 1.3.2-3 - Change cron to run after prelink...
Fedora 8 : rkhunter-1.3.2-5.fc8 (2008-8364)
Wed Sep 3 2008 Kevin Fenzi - 1.3.2-5 - Patch debug tmp file issue - bug 460628 - Mon Jun 16 2008 Kevin Fenzi - 1.3.2-4 - Fix cron script to only mail on warn/error - bug 450703 - Fix conditional to account for fc10 rsyslog Note that Tenable Network Security has extracted the preceding description...
Format string
Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls, possibly involving (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) tools/afinfo.cpp, (e) aimage/imager.cp...