Fedora: Security Advisory for godotenv (FEDORA-2022-5ef0bd9a27)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for direnv (FEDORA-2022-5ef0bd9a27)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-github-nicksnyder-i18n-2-2.1.2-6.fc36

go-i18n is a Go package and a command that helps you translate Go programs in to multiple languages. - Supports pluralized strings for all 200+ languages in the Unicode Common Locale Data Repository CLDR. - Code and tests are automatically generated from CLDR data. - Supports strings with named...

[SECURITY] Fedora 36 Update: golang-github-a8m-envsubst-1.3.0-3.fc36

Go package for substituting environment variables...

[SECURITY] Fedora 36 Update: godotenv-1.4.0-5.fc36

A Go port of Ruby's dotenv library Loads environment variables from .env...

PT-2022-23954 · Foxit · Foxit Pdf Editor

Name of the Vulnerable Software and Affected Versions: Foxit PDF Editor version 11.1.1.53537 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. Th...

[SECURITY] Fedora 35 Update: golang-github-nicksnyder-i18n-2-2.1.2-5.fc35

go-i18n is a Go package and a command that helps you translate Go programs in to multiple languages. - Supports pluralized strings for all 200+ languages in the Unicode Common Locale Data Repository CLDR. - Code and tests are automatically generated from CLDR data. - Supports strings with named...

[SECURITY] Fedora 35 Update: golang-github-a8m-envsubst-1.3.0-2.fc35

Go package for substituting environment variables...

[SECURITY] Fedora 35 Update: godotenv-1.4.0-4.fc35

A Go port of Ruby's dotenv library Loads environment variables from .env...

[SECURITY] Fedora 35 Update: direnv-2.32.1-2.fc35

direnv augments existing shells with a new feature that can load and unload environment variables depending on the current directory...

GO-2022-0345 Environment variable leakage in github.com/containers/buildah

The RunUsingChroot function unintentionally propagates environment variables from the current process to the child process...

Dumpscan - Tool To Extract And Dump Secrets From Kernel And Windows Minidump Formats

Dumpscan is a command-line tool designed to extract and dump secrets from kernel and Windows Minidump formats. Kernel-dump parsing is provided by volatility3. Features x509 Public and Private key PKCS 8/PKCS 1 parsing SymCrypt parsing Supported structures SYMCRYPTRSAKEY - Determines if the key...

GitHub: Command injection in GitHub Actions ContainerStepHost

GitHub Actions Runner is the application that runs a job from a GitHub Actions workflow. The actions runner invokes the docker cli directly in order to run job containers, service containers, or container actions. A bug in the logic for how the environment is encoded into these docker commands wa...

The vulnerability of Firefox, Firefox ESR, and the Thunderbird email client is related to errors in displaying the percent symbol in directories %HOMEPATH% and %APPDATA%. This allows an attacker to trigger a service failure or execute arbitrary code.

The vulnerability of Firefox, Firefox ESR, and the Thunderbird email client on Windows operating systems is related to display errors for the percent symbol in directories %HOMEPATH% and %APPDATA%. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary...

Fedora: Security Advisory for direnv (FEDORA-2022-6107f89f14)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GitLab 12.0.x < 14.10.5, 15.0.x < 15.0.4, 15.1.x < 15.1.1 Information Disclosure Vulnerability

GitLab is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

CrackQL - GraphQL Password Brute-Force And Fuzzing Utility

CrackQL is a GraphQL password brute-force and fuzzing utility. CrackQL is a versatile GraphQL penetration testing tool that exploits poor rate-limit and cost analysis controls to brute-force credentials and fuzz operations. How it works? CrackQL works by automatically batching a single GraphQL...

Fedora: Security Advisory for direnv (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for godotenv (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 Visualization, Fuzzing, Exploit and Patch...