606 matches found
CVE-2024-27397
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...
AZL-40679 CVE-2024-27397 affecting package hyperv-daemons for versions less than 5.15.158.2-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...
AZL-40546 CVE-2024-27397 affecting package hyperv-daemons for versions less than 6.6.56.1-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...
UBUNTU-CVE-2024-27397
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...
SUSE CVE-2024-27397
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...
CVE-2024-27397 netfilter: nf_tables: use timestamp to check for set element timeout
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...
CVE-2024-27397 netfilter: nf_tables: use timestamp to check for set element timeout
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...
K000138636: BIG-IP Configuration utility XSS vulnerability CVE-2024-31156
Security Advisory Description A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. CVE-2024-31156 Impact An authenticated attacker may exploit thi...
K000138894: BIG-IP Configuration utility XSS vulnerability CVE-2024-33604
Security Advisory Description A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. CVE-2024-33604 Impact An attacker may exploit this...
Denial Of Service (DoS)
github.com/stacklok/minder is vulnerable to Denial Of Service DoS. The vulnerability is due to improper validation of HTTP requests before processing them in server.go, allowing untrusted requests to crash the Minder control plane, denying service to other users...
CVE-2024-34066 Arbitrary File Write/Read in Pterodactyl wings
Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue h...
[SECURITY] Fedora 40 Update: kubernetes-1.29.4-1.fc40
Open Source Production-Grade Container Scheduling And Management Platform Installs kubelet, the kubernetes agent on each machine in a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on...
CVE-2024-31463
Ironic-image is an OpenStack Ironic deployment packaged and configured by Metal3. When the reverse proxy mode is enabled by the IRONICREVERSEPROXYSETUP variable set to true, 1 HTTP basic credentials are validated on the HTTPD side in a separate container, not in the Ironic service itself and 2...
PT-2024-24094 · Openstack · Ironic-Image
Name of the Vulnerable Software and Affected Versions: Ironic-image versions prior to 24.1.1 Description: The issue affects Ironic-image, an OpenStack Ironic deployment packaged and configured by Metal3, when the reverse proxy mode is enabled by setting the IRONIC REVERSE PROXY SETUP variable to...
CVE-2024-21605
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. Specific valid link-local traffic is not blocked on ports in STP blocked state bu...
CVE-2024-21605 Junos OS: SRX 300 Series: Specific link local traffic causes a control plane overload
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. Specific valid link-local traffic is not blocked on ports in STP blocked state bu...
PT-2024-2886 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions 21.2R3-S3 through 21.2R3-S6 Juniper Networks Junos OS versions 22.1R3 through 22.1R3-S4 Juniper Networks Junos OS versions 22.2R2 through 22.2R3-S2 Juniper Networks Junos OS versions 22.3R2 through 22.3R3-S1...
Important: Red Hat Security Advisory: ACS 4.4 enhancement and security update
Important: Updated images are now available for Red Hat Advanced Cluster Security. Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes. This release includes the following features and updates: New Compliance capabilities...
CVE-2024-27102
Wings is the server control plane for Pterodactyl Panel. This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can potentially be used to access files and directories on the host system. The full scope of impact is exactly unknown, but reading files outside o...
Design/Logic Flaw
Wings is the server control plane for Pterodactyl Panel. This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can potentially be used to access files and directories on the host system. The full scope of impact is exactly unknown, but reading files outside o...