CyberSecurityBoard
Sponsor Register Login

CVE-2023-6570

Server-Side Request Forgery (SSRF) in kubeflow/kubeflow

This Cyber News was published on www.tenable.com. Publication date: Sat, 16 Dec 2023 17:41:03 +0000


Cyber News related to CVE-2023-6570

CVE-2012-4966 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6570. Reason: This candidate is a reservation duplicate of CVE-2012-6570. Notes: All CVE users should reference CVE-2012-6570 instead of this candidate. All references and ...
55 years ago Tenable.com
Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
1 year ago Cisa.gov CVE-2023-48842 CVE-2023-43089 CVE-2023-39226 CVE-2023-46690 CVE-2023-47207 CVE-2023-46886 CVE-2023-48882 CVE-2023-49656 CVE-2023-28896 CVE-2023-48016 CVE-2023-49092 CVE-2023-2266 CVE-2023-2267 CVE-2023-31177 CVE-2023-34388 CVE-2023-34389 CVE-2023-48848 CVE-2023-4398
CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
1 year ago Tenable.com
Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server - Sig 11,887 p4api vs2017 static openssl3 p4api-2023.1.2468153-vs2017 static. Sig 11,847 p4api vs2017 static p4api-2023.1.2468153-vs2017 static. Sig 10,187 p4api vs2017 static vsdebug openssl3 p4api-2023.1.2468153-vs2017 static vsdebug. Sig 10,147 ...
1 year ago Microsoft.com
The Surveillance Showdown That Fizzled - Like the weather rapidly getting colder outside, the fight over renewing, reforming, or sunsetting the mass surveillance power of Section 702 has been put on ice until spring. In the last week of legislative business before the winter break, Congress ...
1 year ago Eff.org
Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
1 year ago Securelist.com
Multiple Flaws in Dell PowerProtect Products Execute Commands - Multiple vulnerabilities have been discovered in Dell's PowerProtect, which were associated with SQL injection, cross-site scripting, privilege escalation, command injection, and path tracing. The severity for these vulnerabilities ranges between 4.3 ...
1 year ago Cybersecuritynews.com CVE-2023-44286 CVE-2023-44284 CVE-2023-48668 CVE-2023-44277 CVE-2023-48667 CVE-2023-44279 CVE-2023-44278 CVE-2023-44285
CVE-2023-6570 - Server-Side Request Forgery (SSRF) in kubeflow/kubeflow ...
1 year ago Tenable.com
The House Intelligence Committee's Surveillance 'Reform' Bill is a Farce - Earlier this week, both the House Committee on the Judiciary and the House Permanent Select Committee on Intelligence marked up two very different bills, both of which would reauthorize Section 702 of the Foreign Intelligence Surveillance Act-but in ...
1 year ago Eff.org
Competing Section 702 surveillance bills on collision path The Register - Two competing bills to reauthorize America's FISA Section 702 spying powers advanced in the House of Representatives committees this week, setting up Congress for a battle over warrantless surveillance before the law lapses in the New Year. At stake ...
1 year ago Go.theregister.com
Competing Section 702 surveillance bills on collision path The Register - Two competing bills to reauthorize America's FISA Section 702 spying powers advanced in the House of Representatives committees this week, setting up Congress for a battle over warrantless surveillance before the law lapses in the New Year. At stake ...
1 year ago Theregister.com
CVE-2014-6600 - Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2015-0397. ...
8 years ago
CVE-2014-6570 - Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6600 and CVE-2015-0397. ...
8 years ago
CVE-2015-0397 - Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600. ...
7 years ago
CVE-2011-1332 - Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-6570. ...
13 years ago
CVE-2012-6570 - The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the ...
12 years ago
CVE-2007-6570 - Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka ...
7 years ago
CVE-2008-6570 - Cross-site scripting (XSS) vulnerability in the RSS reader in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via a crafted RSS feed. ...
7 years ago
CVE-2006-6570 - Unrestricted file upload vulnerability in upload.php in GenesisTrader 1.0 allows remote authenticated users to upload arbitrary files via unspecified vectors, possibly involving form.php and the ajoutfich "foap" action. ...
6 years ago
CVE-2017-6570 - A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign-list.php with the GET Parameter: id. ...
6 years ago
CVE-2020-6570 - Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction. ...
4 years ago
CVE-2019-6570 - A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low ...
4 years ago
CVE-2013-6570 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none ...
55 years ago Tenable.com
CVE-2024-6570 - The Glossary plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.2.26. This is due the plugin utilizing wpdesk and not preventing direct access to the test files along with display_errors being enabled. ...
10 months ago
CVE-2025-6570 - A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 4.0. Affected by this issue is some unknown functionality of the file /doctor/search.php. The manipulation of the argument searchdata leads to ...
16 hours ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)