Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

Red Hat Security Advisory 2024-3775-03

Red Hat Security Advisory 2024-3775-03 - An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Packet Storm
Open in Source
#vulnerability#linux#red_hat#js#auth
Red Hat Security Advisory 2024-3761-03

Red Hat Security Advisory 2024-3761-03 - An update for ipa is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Security Advisory 2024-3760-03

Red Hat Security Advisory 2024-3760-03 - An update for ipa is now available for Red Hat Enterprise Linux 7.

Red Hat Security Advisory 2024-3759-03

Red Hat Security Advisory 2024-3759-03 - An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.

Red Hat Security Advisory 2024-3758-03

Red Hat Security Advisory 2024-3758-03 - An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Security Advisory 2024-3757-03

Red Hat Security Advisory 2024-3757-03 - An update for ipa is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Security Advisory 2024-3756-03

Red Hat Security Advisory 2024-3756-03 - An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.4 Advanced Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-3755-03

Red Hat Security Advisory 2024-3755-03 - An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-3754-03

Red Hat Security Advisory 2024-3754-03 - An update for ipa is now available for Red Hat Enterprise Linux 9.

Intrado 911 Emergency Gateway

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Intrado Equipment: 911 Emergency Gateway (EGW) Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute malicious code, exfiltrate data, or manipulate the database. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Intrado's 911 Emergency Gateway are affected: 911 Emergency Gateway (EGW): All versions 3.2 Vulnerability Overview 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND ('SQL INJECTION') CWE-89 Intrado 911 Emergency Gateway login form is vulnerable to an unauthenticated blind time-based SQL injection, which may allow an attacker to execute malicious code, exfiltrate data, or manipulate the database. CVE-2024-1839 has been assigned to this vulnerability. A CVSS v3.1 base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/...