RHCOS 4 : OpenShift Container Platform 4.10.25 (RHSA-2022:5729)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5729 advisory. - golang: cmd/go: misinterpretation of branch names can lead to incorrect access control CVE-2022-23773 - golang: crypto/elliptic:...

Linux Distros Unpatched Vulnerability : CVE-2022-24921

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression. CVE-2022-24921 Note that Nessus relies on t...

Azure Linux 3.0 Security Update: golang / python-tensorboard (CVE-2022-24921)

The version of golang / python-tensorboard installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-24921 advisory. - regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion vi...

CBL Mariner 2.0 Security Update: golang (CVE-2022-24921)

The version of golang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-24921 advisory. - regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested...

CVE-2022-24921 affecting package python-tensorboard for versions less than 2.16.2-2

CVE-2022-24921 affecting package python-tensorboard for versions less than 2.16.2-2. An upgraded version of the package is available that resolves this issue...

RHEL 7 / 8 : OpenShift Virtualization 4.12.0 RPMs (RHSA-2023:0407)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0407 advisory. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.This advisory contains...

RHEL 8 : Release of OpenShift Serverless Client kn 1.24.0 (Important) (RHSA-2022:6042)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6042 advisory. Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered a...

CVE-2024-24921

Siemens Simcenter Femap is affected by CVE-2024-24921 in all versions prior to V2401.0000. The issue is a memory corruption flaw triggered while parsing specially crafted Catia MODEL files, enabling code execution in the current process context (ZDI-CAN-21712). Mitigation per the sources is to up...

CVE-2024-24921

A vulnerability has been identified in Simcenter Femap All versions V2401.0000. The affected application is vulnerable to memory corruption while parsing specially crafted Catia MODEL files. This could allow an attacker to execute code in the context of the current process. ZDI-CAN-21712...

Siemens Simcenter Femap

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2022:5337)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5337 advisory. - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. CVE-2022-24675 - regexp.Compile ...

CVE-2023-24921

creationtimestamp| type| source ---|---|--- 2023-03-14 19:30:22+00:00| seen| https://t.me/cibsecurity/60007...

CVE-2023-24921

Microsoft Dynamics 365 on-premises Cross-site Scripting Vulnerability...

CVE-2023-24921 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

...

CVE-2023-24921 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

...

KLA48561 Multiple vulnerabilities in Microsoft Dynamics

Multiple vulnerabilities were found in Microsoft Dynamics 365. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in Microsoft Dynamics 365 on-premises can be exploited...

Security Updates for Microsoft Dynamics 365 (on-premises) (February 2023)

The Microsoft Dynamics 365 on-premises is missing security updates. It is, therefore, affected by multiple session spoofing vulnerabilities. An attacker can exploit these to perform actions with the privileges of another user Note that Nessus has not tested for these issues but has instead relied...

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has applied security fixes for its use of Golang Go (CVE-2022-24921, CVE-2022-28327, CVE-2022-24675)

Summary IBM Cloud Pak for Multicloud Management Monitoring has patched its use of Golang Go due to vulnerabilities with that runtime. Vulnerability Details CVEID:CVE-2022-24921 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validation. By using a...

Moderate: Red Hat Security Advisory: OpenShift Virtualization 4.12.0 RPMs security update

Updated release packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Golang Go (CVE-2022-24921).

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Golang Go, caused by improper input validation, which may be exploited to cause a goroutine stack exhaustion CVE-2022-24921. Golang Go is included in some of the operators used in IBM...