RLSA-2024:2548 Moderate: podman security and bug fix update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods are a concept in Kubernetes. Security Fixes: podman: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in...
podman security and bug fix update
4.9.4-3.0.1
- Add devices on container startup, not on creation
- Backport fast gzip for compression Orabug: 36420418
- overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694
- Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404
4:4.9.4-3
- rebuild
- Related:...
CVE-2023-28633
creationtimestamp | type | source
---|---|---
2023-04-05 20:26:32+00:00 | seen | https://t.me/cibsecurity/61479...
CVE-2023-28633
GLPI exposes a server-side request forgery (SSRF) in RSS feed handling affecting versions prior to 9.5.13 and 10.0.7 (including older 0.84 lineage). When an RSS feed URL is invalid, the autodiscovery feature is triggered without validating safety/URLs, potentially enabling unauthorized network re...
CVE-2023-28633 GLPI vulnerable to Blind Server-Side Request Forgery (SSRF) in RSS feeds
GLPI is a free asset and IT management software package. Starting in version 0.84 and prior to versions 9.5.13 and 10.0.7, usage of RSS feeds is subject to server-side request forgery (SSRF). In case the remote address is not a valid RSS feed, an RSS autodiscovery feature is triggered. This feature...
CVE-2022-28633
creationtimestamp | type | source
---|---|---
2022-08-12 18:43:40+00:00 | seen | https://t.me/cibsecurity/48069...
CVE-2022-28633
CVE-2022-28633 affects HPE Integrated Lights-Out 5 (iLO 5) firmware prior to 2.71. An unprivileged, local user can read and write to the iLO 5 firmware filesystem, resulting in complete loss of confidentiality and partial loss of integrity and availability. HPE provides a firmware update (2.71+) ...
Adobe Creative Cloud < 2.5 Multiple Vulnerabilities (APSB21-41) (macOS)
The version of Adobe Creative Cloud installed on the remote macOS host is prior to 2.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB21-41 advisory. - Adobe Creative Cloud Desktop Application installer version 2.4 and earlier is affected by an Uncontrolled Searc...
CVE-2020-28633
creationtimestamp | type | source
---|---|---
2022-04-18 20:23:31+00:00 | seen | https://t.me/cibsecurity/41018...
CVE-2020-28633
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any o...
CVE-2020-28633
CGAL-5.1.1 Nef polygon parsing contains an out-of-bounds read vulnerability in SNC_io_parser.read_sedge() (prev) that can lead to code execution. CVE-2020-28633 is reported publicly; Debian and Gentoo advisories/date ranges indicate fixes in later CGAL releases (e.g., CGAL ≥5.4.1). Remediation per co...
CVE-2021-28633
Adobe Creative Cloud Desktop Application installer version 2.4 and earlier is affected by an insecure temporary file creation vulnerability that can lead to arbitrary file overwriting in the user context. Exploitation requires physical interaction. Remediation per APSB21-41 is to update to a newe...
CVE-2021-28633
Adobe Creative Cloud Desktop Application installer version 2.4 and earlier is affected by an insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of this issue requires...
Google Android System suffers from an unspecified vulnerability (CNVD-2019-28633)
Android is a Linux-based open source operating system from Google and the Open Handset Alliance (OHA) in the U.S. System is one of the system components. A security vulnerability exists in System in Android. An attacker can exploit this vulnerability to elevate privileges...