Microsoft Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016 Security Vulnerabilities

Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to Apache Commons Compress (CVE-2024-25710, CVE-2024-26308)

Summary The Transformation Advisor tool in IBM App Connect Enterprise is vulnerable to a denial of service due to Apache Commons Compress. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-25710 DESCRIPTION: **Apache Commons Compress.....

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...

CVE-2016-2124 affecting package samba 4.12.5-6

CVE-2016-2124 affecting package samba 4.12.5-6. No patch is available...

CVE-2016-4912 affecting package openslp 2.0.0-26

CVE-2016-4912 affecting package openslp 2.0.0-26. No patch is available...

CVE-2016-1000104 affecting package mod_fcgid 2.3.9-21

CVE-2016-1000104 affecting package mod_fcgid 2.3.9-21. No patch is available...

CVE-2016-2568 affecting package polkit 0.119-3

CVE-2016-2568 affecting package polkit 0.119-3. No patch is available...

CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0

CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0. A patched version of the package is...

CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10

CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10. A patched version of the package is...

CVE-2022-3857 affecting package syslinux 6.04-10

CVE-2022-3857 affecting package syslinux 6.04-10. No patch is available...

CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10

CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10. A patched version of the package is...

CVE-2022-43552 affecting package cmake 3.21.4-10

CVE-2022-43552 affecting package cmake 3.21.4-10. No patch is available...

CVE-2023-23916 affecting package cmake 3.21.4-10

CVE-2023-23916 affecting package cmake 3.21.4-10. No patch is available...

CVE-2023-23915 affecting package cmake 3.21.4-10

CVE-2023-23915 affecting package cmake 3.21.4-10. No patch is available...

CVE-2016-3709 affecting package libxml2 2.9.14-3

CVE-2016-3709 affecting package libxml2 2.9.14-3. This CVE either no longer is or was never...

CVE-2016-2568 affecting package polkit 0.116-7

CVE-2016-2568 affecting package polkit 0.116-7. No patch is available...

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: aactl, policy-controller, skaffold, wolfictl, tkn, tekton-chains, falco, gitsign, melange, kubescape, zarf, goreleaser, flux-source-controller, slsa-verifier, zot, falcoctl, spire-server, apko,...

GHSA-VQ7J-GX56-RXJH vulnerabilities

Vulnerabilities for packages: kind, falco,...

GHSA-49WX-9H9F-8C9G vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21885 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21886 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-31080 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21506 vulnerabilities

Vulnerabilities for packages: py3-pymongo,...

CVE-2024-28219 vulnerabilities

Vulnerabilities for packages: py3-pillow,...

CVE-2024-34069 vulnerabilities

Vulnerabilities for packages: superset, kubeflow-pipelines-visualization-server,...

GHSA-2G68-C3QC-8985 vulnerabilities

Vulnerabilities for packages: superset, kubeflow-pipelines-visualization-server,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: tctl, aactl, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, prometheus-stackdriver-exporter, istio-envoy, cue, oauth2-proxy, buildkitd, keda, pulumi, metacontroller, ollama, nginx-mainline, nvidia-device-plugin, prometheus, coredns, hugo, argo-cd,...

GHSA-MQ39-4GV4-MVPX vulnerabilities

Vulnerabilities for packages: crossplane, datadog-agent, cadvisor, aactl, dagger, buildkitd, kargo, wolfictl, ctop, tkn, trivy, up, buf, kaniko, syft, prometheus, conftest, melange, kubescape, telegraf, docker-compose, grype, zot, spire-server, ko,...

CVE-2024-29018 vulnerabilities

Vulnerabilities for packages: crossplane, datadog-agent, cadvisor, aactl, dagger, buildkitd, kargo, wolfictl, ctop, tkn, trivy, up, buf, kaniko, syft, prometheus, conftest, melange, kubescape, telegraf, docker-compose, grype, zot, spire-server, ko,...

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: kyverno, aactl, flux-kustomize-controller, kots, istio-pilot-discovery, cosign, cilium-envoy, rekor, oauth2-proxy, keda, argo-workflows, vault, traefik, sops, terragrunt, tkn, tekton-chains, falco, gitsign, kubescape, cloudflared, external-secrets-operator,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, hugo-extended, aactl, nri-discovery-kubernetes, terraform, skopeo, memcached-exporter, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, prometheus-stackdriver-exporter, cass-operator, istio-pilot-discovery,....

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, cass-operator, kyverno-policy-reporter-kyverno-plugin, cue, protoc-gen-go-grpc, supercronic, direnv, buildkitd,...

GHSA-MRWW-27VC-GGHV vulnerabilities

Vulnerabilities for packages: kine, k3s, ferretdb, amass, spicedb, temporal-server, keda, kube-bench, argo-workflows, trillian, kots, caddy, telegraf, vault, src,...

CVE-2024-27304 vulnerabilities

Vulnerabilities for packages: kine, k3s, ferretdb, amass, spicedb, temporal-server, keda, kube-bench, argo-workflows, trillian, kots, caddy, telegraf, vault, src,...

GHSA-JJG7-2V4V-X38H vulnerabilities

Vulnerabilities for packages: ggshield, kubeflow-pipelines, kubeflow-jupyter-web-app, k8s-sidecar, confluent-docker-utils, kubeflow-pipelines-visualization-server, py3-cassandra-medusa, kubeflow-katib, py3-idna, az,...

CVE-2024-3651 vulnerabilities

Vulnerabilities for packages: ggshield, kubeflow-pipelines, kubeflow-jupyter-web-app, k8s-sidecar, confluent-docker-utils, kubeflow-pipelines-visualization-server, py3-cassandra-medusa, kubeflow-katib, py3-idna, az,...

GHSA-RXV8-V965-V333 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-39320 vulnerabilities

Vulnerabilities for packages:...

GHSA-HJ3V-M684-V259 vulnerabilities

Vulnerabilities for packages: kyverno, falco, istio-cni, minio, istio-pilot-agent, mc, istio-operator, falcoctl, spire-server, external-secrets-operator, istio-pilot-discovery,...

GHSA-H75V-3VVJ-5MFJ vulnerabilities

Vulnerabilities for packages: dask-gateway, confluent-docker-utils, superset, reflex,...

GHSA-679V-HH23-H5JH vulnerabilities

Vulnerabilities for packages: kind, falco,...

CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10

CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10. A patched version of the package is...

GHSA-PCJV-393Q-RQF2 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-31081 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-31082 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, kubernetes-csi-livenessprobe, prometheus-stackdriver-exporter, direnv, nri-nagios, pulumi, prometheus-pushgateway, k8sgpt, terragrunt, trivy, flyte, nri-mongodb, hello-world-golang,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: crossplane, kubernetes-csi-external-resizer, aactl, skopeo, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, wave, kyverno-policy-reporter-kyverno-plugin, guac, rekor, cue, harbor-scanner-trivy, oauth2-proxy, rclone, spegel, direnv, buildkitd,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: crossplane, kubernetes-csi-external-resizer, aactl, skopeo, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, wave, kyverno-policy-reporter-kyverno-plugin, guac, rekor, cue, harbor-scanner-trivy, oauth2-proxy, rclone, spegel, direnv, buildkitd,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: grpcurl, nsc, oras, hey, wait-for-port, aactl, nri-discovery-kubernetes, metrics-server, sonobuoy, dgraph, docker-cli, prometheus-stackdriver-exporter, cass-operator, kind, go-licenses, gops, cilium-envoy, gosu, protoc-gen-go-grpc, amass, k3d, cni-plugins,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: tctl, kubernetes-csi-external-resizer, aactl, terraform, memcached-exporter, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, prometheus-stackdriver-exporter, cue, oauth2-proxy, buildkitd, keda, pulumi, prometheus-alertmanager, prometheus-pushgateway,...

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: nsc, crossplane, aactl, terraform, skopeo, memcached-exporter, crossplane-provider-aws, src, prometheus-stackdriver-exporter, istio-pilot-discovery, rekor, oauth2-proxy, istio-cni, buildkitd, pulumi, argo-workflows, prometheus-alertmanager, kyverno-policy-reporter,...