new packages: bash-completion

An update is available for bash-completion. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

new packages: bash

An update is available for bash. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.0...

Zyxel Firewall ZTP Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zyxel Firewall ZTP Unauthenticated Command Injection', 'Description' = %q This module exploits CVE-2022-30525, an unauthenticated remote command...

Hackers Actively Exploit F5 BIG-IP Bug

Threat actors have started exploiting a critical bug in the application service provider F5’s BIG-IP modules after a working exploit of the vulnerability was publicly made available. The critical vulnerability, tracked as CVE-2020-1388, allows unauthenticated attackers to launch “arbitrary system...

bash bug fix and enhancement update

An update is available for bash. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6...

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

Nuclei Template Exploit F5 BIG-IP iControl REST Auth Bypass RC...

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

CVE-2022-1388 EXPLOIT POC F5 BIG IP POST...

[SECURITY] Fedora 36 Update: golang-github-spf13-cobra-1.4.0-2.fc36

Cobra is a library providing a simple interface to create powerful modern CLI interfaces similar to git & go tools. Cobra is also an application that will generate your application scaffolding to rapidly develop a Cobra-based application. Cobra provides: - Easy subcommand-based CLIs: app server,...

Mitrastar GPT-2541GNAC-N1 操作系统命令注入漏洞

The Mitrastar GPT-2541GNAC-N1 is a router. An operating system command injection vulnerability exists in the firmware version of the Mitrastar GPT-2541GNAC-N1 HGU 100VNZ0b33, which is caused by incorrectly clearing the parameter "path". The vulnerability can be exploited by a remote authenticatio...

Fedora: Security Advisory for golang-github-spf13-cobra (FEDORA-2022-3a63897745)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: golang-github-spf13-cobra-1.4.0-2.fc35

Cobra is a library providing a simple interface to create powerful modern CLI interfaces similar to git & go tools. Cobra is also an application that will generate your application scaffolding to rapidly develop a Cobra-based application. Cobra provides: - Easy subcommand-based CLIs: app server,...

CLSA-2022-1650909007 Fixed CVE-2019-18276 in bash

CVE-2019-18276: Fix priviledge dropping when running with effective UID not equal to real UID...

Ecapture - Capture SSL/TLS Text Content Without CA Cert By eBPF

How eCapture works SSL/TLS text context capture, support openssl\gnutls\nsprnss libraries. bash audit, capture bash command for Host Security Audit. mysql query SQL audit, support mysqld 5.6\5.7\8.0, and mariadDB. eCapture Architecure eCapture User Manual Getting started use ELF binary file...

Slackware: Security Advisory (SSA:2014-267-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2017-251-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2014-268-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5380-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2014-272-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for CVE-2022-21449

CVE-2022-21449 Overview This tool allows to perform a qu...

USN-5380-1: Bash vulnerability

It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges...