7484 matches found
The vulnerability of the Rockwell Automation Emulate3D software for virtual modeling of equipment and manufacturing processes lies in improper external control of file names or file paths, allowing a hacker to execute arbitrary code.
The vulnerability of the Rockwell Automation Emulate3D software for virtual modeling of equipment and manufacturing processes is related to improper external manipulation of file names or DLL files during library loading. Exploiting this vulnerability allows an attacker to execute arbitrary code...
CentOS 6 : java-1.8.0-ibm (RHSA-2020:2239)
The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2239 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Kerberos. Supported versions that are affected are Java SE: 7u231...
CentOS 7 : java-1.8.0-openjdk (RHSA-2022:0306)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0306 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that ar...
CentOS 7 : java-1.8.0-ibm (RHSA-2022:4959)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4959 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Utility. Supported versions that are affected ar...
CentOS 7 : java-1.7.1-ibm (RHSA-2021:0733)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0733 advisory. - Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 11.0.8 and 15. Easily...
CentOS 7 : java-1.7.1-ibm (RHSA-2020:3388)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3388 advisory. - In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or...
Security Bulletin: Multiple Vulnerabilities in Rational Synergy 7.2.2.6
Summary: Vulnerabilities in the Java Runtime Environment JRE 8.0.8.0 and earlier component shipped with Rational Synergy may affect the security of the product. Vulnerability Details: CVEID: CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could...
The vulnerability of the MongoDB database management system, due to issues with process management, allows attackers to load arbitrary libraries and gain full control over the application.
The vulnerability of the MongoDB database management system exists due to a problem with process management. Exploiting this vulnerability allows an attacker to load arbitrary libraries and gain full control over the application by executing a specially created binary file...
net-snmp security update
An update is available for net-snmp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The net-snmp packages provide various libraries and tools for the Simple...
RLSA-2024:6908 Important: go-toolset:rhel8 security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791); go/parser: golang: Calling any of the Parse functions containing deeply nested...
ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.70.0 <=0.74.0), ai.ancf.lmos:arc-runner (=0.73.0) +3484 more potentially affected by CVE-2024-38809 via org.springframework:spring-web (>=6.1.0 <=6.1.11)
org.springframework:spring-web MAVEN version =6.1.0, =0.70.0, =0.1.0, =0.5.0, =0.6.0, =0.6.0, =0.5.0, =0.6.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.8.7 and more Source cves: CVE-2024-38809 Source advisory: OSV:GHSA-2RMJ-MQ67-H97G...
azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity
A flaw was found in Microsoft's Azure Identity Libraries and the Microsoft Authentication Library MSAL. The flaw arises from a race condition—a scenario where the timing of events leads to unexpected behavior—during concurrent operations on shared resources. This can result in privilege escalatio...
RHEL 8 : python3.12 (RHSA-2024:6961)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6961 advisory. Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability...
RHEL 8 : python3.11 (RHSA-2024:6962)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6962 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
[SECURITY] Fedora 39 Update: openssl-3.1.4-4.fc39
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
The vulnerability of the DPDK set of libraries and drivers for fast packet processing, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the DPDK toolkit for fast packet processing involves uncontrolled consumption of resources. Exploiting this vulnerability allows an attacker to cause service failures...
[SECURITY] Fedora 41 Update: openssl-3.2.2-7.fc41
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
openSUSE Security Advisory (SUSE-SU-2024:3345-1)
The remote host is missing an update for the...
[SECURITY] Fedora 39 Update: python3.11-3.11.10-1.fc39
Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...
ai.cheq.sst.android:cheq-sst-kotlin-protobuf (>=0.1.0 <=0.1.3), at.asitplus:warden (>=2.1.0 <=2.3.1) +46 more potentially affected by CVE-2024-7254 via com.google.protobuf:protobuf-javalite (>=4.0.0-rc-2 <=4.27.4)
com.google.protobuf:protobuf-javalite MAVEN version =4.0.0-rc-2, =0.1.0, =2.1.0, =1.6.0, =4.26.0, =0.29.1, =0.6.0, =0.1.0, =0.10.13, =0.10.13, =0.10.13, =0.10.13, =0.10.13, =0.10.13, =0.10.13, =0.10.35 and more Source cves: CVE-2024-7254 Source advisory: OSV:GHSA-735F-PC8J-V9W8...