Security Bulletin: Cross-Site scripting vulnerability in ESAPI may affect IBM Business Automation Workflow - IBM X-Force ID: 273485

Summary IBM Business Automation Workflow is vulnerable to a Cross-Site scripting attack. Vulnerability Details IBM X-Force ID: 273485 DESCRIPTION: Enterprise Security API for Java is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...

Security Bulletin: Vulnerability in PostCSS affects IBM Business Automation Workflow - CVE-2023-44270

Summary IBM Business Automation Workflow is depends on a vulnerable version of PostCSS. Vulnerability Details CVEID:CVE-2023-44270 DESCRIPTION: PostCSS could allow a remote attacker to bypass security restrictions, caused by improper input validaiton. By using a specially crafted external Cascadi...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that results from a denial of service when handling non-standard sized SMS containers received in a DL NAS transport in NR...

[SECURITY] Fedora 38 Update: prometheus-podman-exporter-1.11.0-1.fc38

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

[SECURITY] Fedora 39 Update: prometheus-podman-exporter-1.11.0-1.fc39

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

[SECURITY] Fedora 40 Update: prometheus-podman-exporter-1.11.0-1.fc40

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

Rrgen - A Header Only C++ Library For Storing Safe, Randomly Generated Data Into Modern Containers

This library was developed to combat insecure methods of storing random data into modern C++ containers. For example, old and clunky PRNGs. Thus, rrgen uses STL's distribution engines in order to efficiently and safely store a random number distribution into a given C++ container. Installation 1...

[SECURITY] Fedora 40 Update: netavark-1.10.3-3.fc40

OCI network stack Netavark is a rust based network stack for containers. It is being designed to work with Podman but is also applicable for other OCI container management applications. Netavark is a tool for configuring networking for Linux containers. Its features include: Configuration of...

[SECURITY] Fedora 40 Update: containers-common-0.58.0-2.fc40

This package contains common configuration files and documentation for contai ner tools ecosystem, such as Podman, Buildah and Skopeo. It is required because the most of configuration files and docs come from pro jects which are vendored into Podman, Buildah, Skopeo, etc. but they are not packag ...

Fedora: Security Advisory (FEDORA-2024-a267e93f8c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for netavark (FEDORA-2024-a267e93f8c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

IBM Storage Protect Plus Server Information Disclosure Vulnerability (CNVD-2024-16923)

IBM Storage Protect Plus Server is an IBM Storage software from International Business Machines IBM that provides recovery, replication, retention and reuse for virtual machines, databases, applications, file systems, SaaS workloads and containers. An information disclosure vulnerability exists i...

IBM Storage Protect Plus Server Access Control Error Vulnerability

IBM Storage Protect Plus Server is an IBM Storage software from International Business Machines IBM that provides recovery, replication, retention and reuse for virtual machines, databases, applications, file systems, SaaS workloads and containers. An access control error vulnerability exists in...

Moderate: Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 8.1.2 security update

The components for Red Hat OpenShift for Windows Containers 8.1.2 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this update ...

Fedora: Security Advisory (FEDORA-2024-453ee0b3b9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-560a7aca85)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: apptainer-1.3.0-1.fc40

Apptainer provides functionality to make portable containers that can be used across host environments...

[SECURITY] Fedora 39 Update: apptainer-1.3.0-1.fc39

Apptainer provides functionality to make portable containers that can be used across host environments...

The vulnerability of the deployment and management software for Azure Kubernetes Service Confidential Containers relates to deficiencies in access control, allowing attackers to escalate their privileges.

The vulnerability of the Azure Kubernetes Service Confidential Containers’ deployment and management software is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

Fedora 38 : ovn (2024-7c11edcd20)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-7c11edcd20 advisory. Security fix for CVE-2024-2182 ovn: insufficient validation of BFD packets may lead to denial of service fedora-all Tenable has extracted the...