MiracleLinux 9 : nodejs:18 (AXSA:2023-6072:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6072:01 advisory. glob-parent: Regular Expression Denial of Service CVE-2021-35065 c-ares: buffer overflow in configsortlist due to missing string length check...

EUVD-2024-18159

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-31419

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in Elasticsearch, affecting the search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial...

CVE-2024-20444 Cisco Nexus Dashboard Fabric Controller REST API Command Injection Vulnerability

A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC, formerly Cisco Data Center Network Manager DCNM, could allow an authenticated, remote attacker with network-admin privileges to perform a command injection attack against an affected device. This vulnerability is due to insufficient...

Stripo Inc: Race condition on my.stripo.email at /cabinet/stripeapi/v1/projects/298427/emails/folders uri

Summary: Hi! I hope you all are pretty good = We have discovered a race condition endpoint Steps To Reproduce: POST /cabinet/stripeapi/v1/projects/298427/emails/folders HTTP/1.1 Host: my.stripo.email Connection: close Content-Length: 23 Accept: application/json, text/plain, / Pragma: no-cache...

Multiple Vulnerabilities in Cisco Unified Computing System (cisco-sa-20130424-ucsmulti)

Managed and standalone Cisco Unified Computing System UCS deployments contain one or more of the following vulnerabilities : - Cisco Unified Computing System LDAP User Authentication Bypass Vulnerability CVE-2013-1182 - Cisco Unified Computing System IPMI Buffer Overflow Vulnerability CVE-2013-11...