780 matches found
Important: Red Hat Enhancement Advisory: redis:7 update
An update for the redis:7 module is now available for Red Hat Enterprise Linux 9. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set...
The vulnerability of the JDBC URL Handler component of the Apache InLong data integration platform allows an attacker to execute arbitrary code.
The vulnerability of the JDBC URL Handler component of the Apache InLong data integration platform relates to the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
GO-2022-0427 Unprotected file upload in github.com/swaggo/http-swagger
The httpSwagger package's HTTP handler provides WebDAV read/write access to an in-memory filesystem. An attacker can exploit this to cause memory exhaustion by uploading many files, XSS attacks by uploading malicious files, or other unexpected behaviors...
Important: amazon-ssm-agent
Issue Overview: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 A malicious HTTP sender can use chunk extensions to cause a receiver...
[SECURITY] Fedora 39 Update: redis-7.2.4-1.fc39
Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...
[SECURITY] Fedora 38 Update: redis-7.0.15-1.fc38
Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...
Fedora 39 : redis (2024-6ef42a28c9)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6ef42a28c9 advisory. Redis 7.2.4 Released Tue 09 Jan 2024 10:45:52 IST Upgrade urgency SECURITY: See security fixes below. Security fixes CVE-2023-41056 In some cases,...
Fedora: Security Advisory (FEDORA-2024-6ef42a28c9)
The remote host is missing an update for the...
Whispers of Atlantida: Safeguarding Your Digital Treasure
Recently, Rapid7 observed a new stealer named Atlantida. The stealer tricks users into downloading a malicious file from a compromised website, and uses several evasion techniques such as reflective loading and injection before the stealer is loaded. Atlantida steals a wide range of login information ...
The vulnerability of the Azure Storage Mover service arises from the possibility of the operation being executed outside the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Azure Storage Mover service is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
Oracle TimesTen 22.x < 22.1.1.7.0 Multiple Vulnerabilities (July 2023 CPU)
The version of Oracle TimesTen installed on the remote host is 22.x prior to 22.1.1.7.0. It is, therefore, affected by multiple vulnerabilities as referenced in the July 2023 CPU advisory - Vulnerability in Oracle TimesTen In-Memory Database component: TimesTen IMDB Dell BSAFE Micro Edition Suite...
AZL-39592 CVE-2023-49569 affecting package cri-o for versions less than 1.22.3-12
A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worst case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...
DEBIAN-CVE-2023-49569
A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worst case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...
DEBIAN-CVE-2023-49568
A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...
AZL-39595 CVE-2023-49568 affecting package cri-o for versions less than 1.22.3-12
A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...
AZL-33892 CVE-2023-49568 affecting package packer for versions less than 1.9.5-3
A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...
Path traversal
A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worst case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...
Design/Logic Flaw
A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...
CVE-2023-49568
A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...
UBUNTU-CVE-2023-49568
A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Applications using on...