RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.9 Security update (Important) (RHSA-2023:0553)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0553 advisory.
- jquery: Cross-site scripting via cross- ...
February 01, 2023
Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software
Two more supply chain security flaws have be ...
February 01, 2023
RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.9 Security update (Important) (RHSA-2023:0554)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0554 advisory.
- jquery: Cross-site scripting via cross- ...
February 01, 2023
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.9 Security update (Important) (RHSA-2023:0552)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0552 advisory.
- jquery: Cross-site scripting via cross- ...
February 01, 2023
(RHSA-2023:0554) Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves ...
January 31, 2023
CVE-2023-22900
Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete databas ...
January 31, 2023
CVE-2022-39060
ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEY_CURRENT_USER s ...
January 31, 2023
Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities
## Summary
IBM Planning Analytics Workspace is affected by vulnerabilities. Node.js is an open-source and cross-platform JavaScript runtime environment (CVE-2022-35255, CVE-2022-35256). Node-tar is a ...
January 28, 2023
Bypassing OGNL sandboxes for fun and charities
## Overview
Object Graph Notation Language (OGNL) is a popular, Java-based, expression language used in popular frameworks and applications, such as Apache Struts and Atlassian Confluence. In the ...
January 27, 2023
Rocky Linux 9 : php (RLSA-2022:8197)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:8197 advisory.
Note that Nessus has not tested for this issue but has instead r ...
January 27, 2023