5834 matches found
[SECURITY] Fedora 39 Update: nats-server-2.10.5-1.fc39
A High Performance NATS Server written in Go and hosted by the Cloud Native Computing Foundation CNCF...
[SECURITY] Fedora 39 Update: golang-github-nats-io-1.31.0-1.fc39
Golang client for NATS, the cloud native messaging system...
[SECURITY] Fedora 38 Update: nats-server-2.10.5-1.fc38
A High Performance NATS Server written in Go and hosted by the Cloud Native Computing Foundation CNCF...
[SECURITY] Fedora 38 Update: golang-github-nats-io-1.31.0-2.fc38
Golang client for NATS, the cloud native messaging system...
Fedora: Security Advisory for nats-server (FEDORA-2023-3a895ff65c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for nats-server (FEDORA-2023-66966ae3d0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2023-30321 · Unknown +1 · Clickhouse
Name of the Vulnerable Software and Affected Versions: ClickHouse versions prior to 23.10.2.13-stable ClickHouse versions prior to 23.9.4.11-stable ClickHouse versions prior to 23.8.6.16-lts ClickHouse versions prior to 23.3.16.7-lts Description: A heap buffer overflow issue was discovered in the...
CVE-2023-48704
A heap buffer overflow vulnerability affecting the native interface running by default on port 9000/tcp. An attacker, by triggering a bug in the Gorilla codec, can cause the ClickHouse server process to crash. This vulnerability can be exploited without the need to authenticate. Fix has been push...
CVE-2023-47118
A heap buffer overflow vulnerability affecting the native interface running by default on port 9000/tcp. An attacker, by triggering a bug in the T64 compression codec, can cause the ClickHouse server process to crash. This vulnerability can be exploited without the need to authenticate. Fix has...
Apache Submarine Deserialization Vulnerability
Apache Submarine is a cloud-native machine learning platform from the Apache USA Foundation. Apache Submarine suffers from a deserialization vulnerability that stems from unsafe deserialization processing by snakeyaml when receiving serialized data submitted by a user, which can be exploited by a...
ROS-20231115-01
A vulnerability in the Squid proxy server related to the execution of a "buffer overflow" attack, writing up to 2MB of of arbitrary data to the memory heap when Squid is configured to accept HTTP Digest Authentication. Exploitation of the vulnerability could allow an attacker acting remotely to...
[SECURITY] Fedora 38 Update: pack-0.32.0-1.fc38
pack is a CLI implementation of the Platform Interface Specification for Cloud Native Buildpacks...
[SECURITY] Fedora 37 Update: pack-0.32.0-1.fc37
pack is a CLI implementation of the Platform Interface Specification for Cloud Native Buildpacks...
Fedora: Security Advisory for pack (FEDORA-2023-5029b92850)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for pack (FEDORA-2023-257f33c602)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
payable.transfer() call will result in loss of unused Ether
Lines of code Vulnerability details Impact batchContribute function carries out funding and transfer in batches by using the payable.transfer call. This is unsafe as transfer has hard coded gas budget and can fail when the user is a smart contract. This way programmatical usage of batchContribute...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps security update
An update is now available for Red Hat OpenShift GitOps 1.8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...
CVE-2023-47271
PKP-WAL aka PKP Web Application Library or pkp-lib before 3.3.0-16, as used in Open Journal Systems OJS and other products, does not verify that the file named in an XML document used for the native import/export plugin is an image file, before trying to use it for an issue cover image...
Design/Logic Flaw
PKP-WAL aka PKP Web Application Library or pkp-lib before 3.3.0-16, as used in Open Journal Systems OJS and other products, does not verify that the file named in an XML document used for the native import/export plugin is an image file, before trying to use it for an issue cover image...
Fedora: Security Advisory for nats-server (FEDORA-2023-6b89bc0305)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...