Fedora: Security Advisory for golang-github-instrumenta-kubeval (FEDORA-2022-5cbd6de569)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: golang-github-instrumenta-kubeval-0.15.0-7.fc34

Validate your Kubernetes configuration files, supports multiple Kubernetes versions...

CVE-2021-46442

In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization...

CVE-2021-46442

In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization...

CVE-2021-46442

Summary of CVE-2021-46442 : Affected product is the D-Link DIR-825 G1 router, specifically the webupg binary. The vulnerability allows an attacker to bypass authentication via the parameter involved in the autoupgrade.asp flow, enabling unauthorized actions such as downloading configuration files...

CVE-2021-3722

A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow configuration files to be written to non-standard locations during installation...

Denial of service

A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow configuration files to be written to non-standard locations during installation...

CVE-2021-3722

A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow configuration files to be written to non-standard locations during installation...

Cisco Virtualized Infrastructure Manager访问控制错误漏洞

Cisco Virtualized Infrastructure Manager is a fully automated cloud lifecycle management system from Cisco, U.S. An access control error vulnerability exists in Cisco Virtualized Infrastructure Manager, which stems from certain configuration files' The vulnerability is caused by an access privile...

Lenovo Pcmanager 安全漏洞

Lenovo Lenovo Pcmanager Lenovo Computer Manager is a software from Lenovo, China that allows comprehensive management of Pc devices. A security vulnerability exists in versions prior to Lenovo PCManager 4.0.40.2175, which could allow configuration files to be written to non-standard locations...

CVE-2022-20732

A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...

Improper access control

A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...

CVE-2022-20732

Cisco CVE-2022-20732 affects Cisco Virtualized Infrastructure Manager (VIM). The vulnerability stems from improper access permissions on certain configuration files, enabling an authenticated, local attacker with low privileges to read confidential configuration data and internal database credent...

CVE-2022-20732 Cisco Virtualized Infrastructure Manager Privilege Escalation Vulnerability

A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...

Cisco Virtualized Infrastructure Manager Privilege Escalation Vulnerability

A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...

Cisco Virtualized Infrastructure Manager 访问控制错误漏洞

Cisco Virtualized Infrastructure Manager is a fully automated cloud lifecycle management system from Cisco, U.S. An access control error vulnerability exists in Cisco Virtualized Infrastructure Manager, which stems from certain configuration files' The vulnerability is caused by an access privile...

The vulnerability of GUI temperature control software relates to errors in processing configuration files *.gd1. This allows an intruder to access protected information or cause service failures.

The vulnerability of GUI temperature control software is related to errors in processing configuration files .gd1. Exploiting this vulnerability can allow an attacker to gain access to protected information or cause service failures...

The vulnerability of GUI temperature control software lies in its ability to write beyond the buffer boundaries when processing configuration files in the *.gd1 format. This allows a hacker to execute arbitrary code.

The vulnerability of GUI temperature control software relates to the possibility of writing beyond the buffer boundaries when processing configuration files in the .gd1 format. Exploiting this vulnerability allows an attacker to execute arbitrary code...

CVE-2022-25165

An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the validation of VPN configuration files. This allows parameters outside of the AWS VPN Client allow list to be injected into the configuration file prior to the AWS VPN Client service running as SYSTEM...

CVE-2022-25165

An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the validation of VPN configuration files. This allows parameters outside of the AWS VPN Client allow list to be injected into the configuration file prior to the AWS VPN Client service running as SYSTEM...