13 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-0563
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an INPUTRC environment variable to get...
CVE-2024-43330
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in IdeaBox Creations PowerPack for Beaver Builder allows Reflected XSS.This issue affects PowerPack for Beaver Builder: from n/a before 2.37.4...
WordPress plugin PowerPack for Beaver Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2023-1502)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : git (EulerOS-SA-2023-1123)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and...
Prometheus vulnerable to basic authentication bypass
Impact Prometheus can be secured by a web.yml file that specifies usernames and hashed passwords for basic authentication. Passwords are hashed with bcrypt, which means that even if you have access to the hash, it is very hard to find the original password back. However, a flaw in the way this...
Ubuntu 22.10 : Git vulnerabilities (USN-5686-3)
The remote Ubuntu 22.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5686-3 advisory. USN-5686-1 fixed vulnerabilities in Git. This update provides the corresponding updates for Ubuntu 22.10. Tenable has extracted the preceding description blo...
CVE-2022-39260
Git is an open source, scalable, distributed revision control system. git shell is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the...
CVE-2022-39253
Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone where the source and target of the clone...
UBUNTU-CVE-2022-39260
Git is an open source, scalable, distributed revision control system. git shell is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the...
CVE-2022-0563 affecting package util-linux for versions less than 2.37.4-1
CVE-2022-0563 affecting package util-linux for versions less than 2.37.4-1. An upgraded version of the package is available that resolves this issue...
Privilege escalation
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...
CVE-2022-0563
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...