157 matches found
CVE-2024-47707 ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid possible NULL deref in rt6uncachedlistflushdev Blamed commit accidentally removed a check for rt-rt6iidev being NULL, as spotted by syzbot: Oops: general protection fault, probably for non-canonical address...
ALSA-2024:3043 Moderate: ansible-core bug fix, enhancement, and security update
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
Moderate: ansible-core bug fix, enhancement, and security update
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
ALSA-2024:2246 Moderate: ansible-core bug fix, enhancement, and security update
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
BIT-SPRING-CLOUD-DATAFLOW-2020-5427 Possibility of SQL Injection in Spring Cloud Data Flow Task Execution Sorting Query
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution...
BIT-AIRFLOW-2022-38649 Apache Airflow Pinot provider allowed Command Injection
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Apache Airfl...
BIT-AIRFLOW-2022-40954 Apache Airflow Spark Provider RCE that bypass restrictions to read arbitrary files
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Spark Provider, Apache Airflow allows an attacker to read arbtrary files in the task execution context, without write access to DAG files. This issue affects Spark Provider...
BIT-AIRFLOW-2022-41131 Apache Airflow Hive Provider vulnerability (command injection via hive_cli connection)
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Hive Provider, Apache Airflow allows an attacker to execute arbtrary commands in the task execution context, without write access to DAG files. This issue affects Hive Provider...
Fedora: Security Advisory (FEDORA-2024-0d894565a0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-7163
A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of information from other probes, denial of service conditions due to the probe inventory becoming full, or the...
[SECURITY] Fedora 39 Update: ansible-core-2.16.2-1.fc39
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
[SECURITY] Fedora 39 Update: ansible-9.1.0-1.fc39
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
What Is The Cyber Kill Chain? Process & Model
Grasping the Fundamentals: A Study of the Cyber Harm Ladder Navigating the multifaceted universe of cybersecurity is similar to solving an evolving labyrinth. This world is awash with intricate principles and techniques; with the Cyber Harm Ladder gaining increasing focus in recent times. But, wh...
Remote Code Execution (RCE)
vantage6node is vulnerable to Remote Code Execution RCE. The system fails to validate the execution of a child task if it has a specified parent task ID which could be exploited by an attacker who gains unauthorized access to the system. By setting a fake parent task ID for a malicious task, the...
CVE-2022-46900
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to...
PT-2023-7494 · Hazelcast · Hazelcast
Name of the Vulnerable Software and Affected Versions: Hazelcast versions 5.0 through 5.0.4 Hazelcast versions 5.1 through 5.1.6 Hazelcast versions 5.2 through 5.2.3 Hazelcast IMDG versions prior to 4.2.z Description: The issue is related to insufficient authorization procedures in Hazelcast,...
CVE-2023-31084
An issue was discovered in drivers/media/dvb-core/dvbfrontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASKRUNNING. In dvbfrontendgetevent, waiteventinterruptible is called; the condition is dvbfrontendtesteventfepriv,events. In dvbfrontendtestevent,...
GSD-2023-1001242 netfilter: ipset: Rework long task execution when adding/deleting entries
netfilter: ipset: Rework long task execution when adding/deleting entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2023-1000876 netfilter: ipset: Rework long task execution when adding/deleting entries
netfilter: ipset: Rework long task execution when adding/deleting entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit...
GSD-2023-1000403 netfilter: ipset: Rework long task execution when adding/deleting entries
netfilter: ipset: Rework long task execution when adding/deleting entries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.19 by commit...