A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. This vulnerability allows an authenticated user to gain access to sensitive internal infrastructu
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream API. This vulnerability allows exposure of sensitive client credentials and internal infrastructure
A flaw was found in Event-Driven Automation (EDA) in Ansible Automation Platform (AAP), which lacks encryption of sensitive information. An attacker with network access could exploit this vulnerabilit
A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker messa
A flaw was found in Ansible Automation Platform’s EDA component where user-supplied Git URLs are passed unsanitized to the git ls-remote command. This vulnerability allows an authenticated attacker to
A flaw was found in the EDA component of the Ansible Automation Platform, where user-supplied Git branch or refspec values are evaluated as Jinja2 templates. This vulnerability allows authenticated us
A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels can lead to Man-in-the-Middle (MitM) and Cross-site scripting (XSS) attacks allowing attackers to read
A flaw was found in Ansible. Three API endpoints are accessible and return verbose, unauthenticated responses. This flaw allows a malicious user to access data that may contain important information.
A flaw was found in Ansible Automation Platform (AAP). Read-only scoped OAuth2 API Tokens in AAP, are enforced at the Gateway level for Gateway-specific operations. However, this vulnerability allows
A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed in plain text when starting a rulebook
A vulnerability was found in the Ansible Automation Platform (AAP). This flaw allows attackers to escalate privileges by improperly leveraging read-scoped OAuth2 tokens to gain write access. This issu
A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious p
A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrat
A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when ru
A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. This is
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to
A security flaw has been discovered in Edimax BR-6675nD 1.12. This affects the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument
A flaw was found in the Ansible aap-gateway. Concurrent requests handled by the gateway grpc service can result in concurrency issues due to race condition requests against the proxy. This issue poten
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Automattic Newspack Blocks.This issue affects Newspack Blocks: from n/a through 3.0.8.
An authenticated command injection vulnerability exists in the Polycom HDX Series command shell interface accessible over Telnet. The lan traceroute command in the devcmds console accepts unsanitized
Page 1+ Next →