EUVD-2024-20820

Malicious code in bioql PyPI...

TencentOS Server 3: rear (TSSA-2024:0111)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0111 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 4: rear (TSSA-2024:0898)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0898 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

MAL-2025-2397 Malicious code in oauth2-paypal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7cc95085eb1819e853bafa9792a2e3d1b7b761fd85657e25b110586cbb78d997 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-55928 Clear text secrets returned & Remote system secrets in clear text

Xerox Workplace Suite exposes sensitive secrets in clear text, both locally and remotely. This vulnerability allows attackers to intercept or access secrets without encryption...

CVE-2024-55928 Clear text secrets returned & Remote system secrets in clear text

Xerox Workplace Suite exposes sensitive secrets in clear text, both locally and remotely. This vulnerability allows attackers to intercept or access secrets without encryption...

MAL-2024-12000 Malicious code in maplibre (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 812bdb7f3cb3a09a616e906c456e223c0069b42451a78c0df8d032054ec3f6a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Updated rear packages fix security vulnerability

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. CVE-2024-23301...

MGASA-2024-0131 Updated rear packages fix security vulnerability

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. CVE-2024-23301...

Oracle Linux 8 : rear (ELSA-2024-1719)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1719 advisory. 2.6-11.0.1 - Change OSVENDOR to OracleServer 2.6-11 - make initrd accessible only by root CVE-2024-23301, PR 3123 Tenable has extracted the preceding descriptio...

Oracle Linux 9 : rear (ELSA-2024-1147)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1147 advisory. 2.6-21.0.1 - rear: creates a world-readable initrd CVE-2024-23301 Tenable has extracted the preceding description block directly from the Oracle Linux security...

[SECURITY] [DLA 3733-1] rear security update

Debian LTS Advisory DLA-3733-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA February 03, 2024 https://wiki.debian.org/LTS Package : rear Version : 2.4+dfsg-1+deb10u1 CVE ID : CVE-2024-23301 rear is a disaster recovery and system migration framework. It has been...

SUSE SLES12 Security Update : rear116 (SUSE-SU-2024:0291-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0291-1 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system...

SUSE SLES15 Security Update : rear27a (SUSE-SU-2024:0253-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0253-1 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system...

SUSE SLES12 Security Update : rear27a (SUSE-SU-2024:0135-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0135-1 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system...

CVE-2024-23301

A vulnerability has been identified in Relax-and-Recover ReaR, where the use of GRUBRESCUE=y results in the creation of an initrd that is readable by anyone. This flaw could potentially enable local attackers to obtain access to system secrets that are typically restricted to root privileges...

CVE-2024-23301

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...

AZL-44403 CVE-2024-23301 affecting package rear 2.4-7

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...

CVE-2024-23301

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...

CVE-2024-23301

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...