CVE-2022-28619

The CVE-2022-28619 issue affects the HPE Version Control Repository Manager installer. Affected component: the VCRM installer (version 7.6.14.0 fixes the vulnerability). Root cause: an incorrectly programmed call to an advanced local procedure leads to an elevation of privilege. Impact: local esc...

HPE Version Control Repository Manager 安全漏洞

HPE Version Control Repository Manager is a version control repository manager from Wise and Technology HPE. An elevation of privilege vulnerability exists in HPE Version Control Repository Manager versions prior to 7.6.14.0, which stems from an incorrectly programmed call to an advanced local...

Out-of-bounds Read in function get_lisp_indent

Description Out-of-bounds Read in function getlispindent at indent.c:2083 vim version git log commit e366ed4f2c6fa8cb663f1b9599b39d57ddbd8a2a HEAD - master, tag: v8.2.5136, origin/master, origin/HEAD POC ./vim -u NONE -i NONE -n -m -X -Z -e -s -S /mnt/share/max/fuzz/poc/vim/pocobr2s.dat -c :qa!...

RLSA-2022:4941 Important: subversion:1.14 security update

Subversion SVN is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fixes: subversion: Subversion's moddavsvn is vulnerable to memory corruption...

subversion:1.14 security update

An update is available for subversion, utf8proc, libserf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Subversion SVN is a concurrent version control system...

Information disclosure

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for a subgroup member to access the members list of their parent group...

vulhub

This repository is an offensive tool for web application security training and testing. It is a collection of vulnerable web applications and tools for testing and training purposes. The repository contains a variety of vulnerable applications, including web servers, databases, and other web-base...

subversion security update

An update is available for subversion. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Subversion SVN is a concurrent version control system which enables one or...

Important: Red Hat Security Advisory: subversion:1.10 security update

An update for the subversion:1.10 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

5 Benefits of Detection-as-Code

TL;DR: Adopt a modern, test-driven methodology for securing your organization with Detection-as-Code. Over the past decade, threat detection has become business-critical and even more complicated. As businesses move to the cloud, manual threat detection processes are no longer able to keep up. Ho...

Octopus Server 安全漏洞

Octopus Server is an automated deployment platform. A security vulnerability in all 2021.3.x versions prior to Octopus Server version 2021.3.12725 and all 2022.1.x versions prior to 2022.1.2454 stems from not properly validating permissions in the API for projects that use Git version control. Th...

PT-2022-13917 · Octopus Deploy +1 · Octopus Server +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns improper verification of permissions in the API for projects using Git version control. This flaw allows users with only ProjectView...

GSD-2022-1002461 drm/amdkfd: Check for potential null return of kmalloc_array()

drm/amdkfd: Check for potential null return of kmallocarray This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.311 by commit...

GSD-2022-1002250 dax: make sure inodes are flushed before destroy cache

dax: make sure inodes are flushed before destroy cache This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.189 by commit...

GSD-2022-1002177 mm/mempolicy: fix mpol_new leak in shared_policy_replace

mm/mempolicy: fix mpolnew leak in sharedpolicyreplace This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.189 by commit...

GSD-2022-1001961 gpiolib: acpi: use correct format characters

gpiolib: acpi: use correct format characters This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.112 by commit...

GSD-2022-1001341 drm/panel: ili9341: fix optional regulator handling

drm/panel: ili9341: fix optional regulator handling This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.20 by commit...

GSD-2022-1001168 net: hns3: add vlan list lock to protect vlan list

net: hns3: add vlan list lock to protect vlan list This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...

GSD-2022-1001011 qede: confirm skb is allocated before using

qede: confirm skb is allocated before using This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.3 by commit...

Apache Subversion Information Disclosure Vulnerability

Apache Subversion is an open source version control system from the Apache Foundation. The system is compatible with the Concurrent Versioning System CVS, and an information disclosure vulnerability exists in Apache Subversion, which stems from a server exposing a "copyfrom" path that should be...