RHCOS 4 : OpenShift Container Platform 4.10.25 (RHSA-2022:5729)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5729 advisory. - golang: cmd/go: misinterpretation of branch names can lead to incorrect access control CVE-2022-23773 - golang: crypto/elliptic:...

TencentOS Server 3: go-toolset:rhel8 (TSSA-2022:0131)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0131 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Fedora 37 : golang (2022-bf188fb91a)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-bf188fb91a advisory. Automatic update for golang-1.18.4-1.fc37. Changelog Wed Jul 13 2022 Alejandro Sez - 1.18.4-1 - Update to 1.18.4 Sun Jun 19 2022 Robert-Andr Mauchin...

RHEL 8 : ior (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - golang: crypto/elliptic: panic caused by oversized scalar CVE-2022-28327 Note that Nessus has not tested for this...

RHEL 8 : Release of OpenShift Serverless Client kn 1.24.0 (Important) (RHSA-2022:6042)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6042 advisory. Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered a...

CVE-2024-28327

CVE-2024-28327 affects Asus RT-N12+ B1 router. The root cause is that the device stores user passwords in plaintext, enabling local attackers to obtain unauthorized access and modify router settings. Documented impact is high (local access, confidentiality/integrity/availability at risk). Publicl...

CVE-2024-28327

Asus RT-N12+ B1 router stores user passwords in plaintext, which could allow local attackers to obtain unauthorized access and modify router settings...

RHEL 8 : Red Hat OpenShift Enterprise (RHSA-2023:3914)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3914 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2022:5337)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5337 advisory. - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. CVE-2022-24675 - regexp.Compile ...

Security Bulletin: IBM Storage Ceph is vulnerable to a panic in Golang (CVE-2022-28327)

Summary Golang is used by IBM Storage Ceph as part of RGW and in assorted other locations. CVE-2022-28327 Vulnerability Details CVEID: CVE-2022-28327 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validaiton by the generic P-256 feature in crypto/elliptic. B...

BELL-CVE-2023-28327 CVE-2023-28327 does not affect BellSoft software

Bulletin has no description...

BELL-CVE-2022-28327 CVE-2022-28327 does not affect BellSoft software

Bulletin has no description...

Important: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.11.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a...

Moderate: Red Hat Security Advisory: OpenShift Jenkins image and Jenkins agent base image security update

Release of Bug Advisories for the OpenShift Jenkins image and Jenkins agent base image. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

SUSE: Security Advisory (SUSE-SU-2023:2312-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-28327 affecting package kernel for versions less than 5.15.111.1-1

CVE-2023-28327 affecting package kernel for versions less than 5.15.111.1-1. A patched version of the package is available...

CVE-2023-28327

creationtimestamp| type| source ---|---|--- 2023-04-20 04:02:41+00:00| seen| https://t.me/cibsecurity/62496 2023-11-15 16:53:03+00:00| published-proof-of-concept| https://t.me/BABATATASASA/5977...

CVE-2023-28327

A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unixdiaggetexact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service...

CVE-2023-28327

A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unixdiaggetexact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service...

CVE-2023-28327

A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unixdiaggetexact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service...