2331 matches found
CVE-2023-47112 Authenticated users can view job names and groups they do not have authorization to view in Rundeck
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which provides a list of job names and...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible
A potential deadlock flaw was found in the Linux kernel's DVB API, which is used by digital TV devices. This flaw allows a local user to crash the system...
kernel: cpufreq: amd-pstate-ut: Fix kernel panic when loading the driver
A reference leak flaw was found in the Linux kernel's AMD P-state unit test driver in the CPU policy access logic. A local user can trigger this issue by loading the amd-pstate-ut driver, which acquires CPU policy references via cpufreq_cpu_get without releasing them via cpufreq_cpu_put. This causes...
ALSA-2023:6523 Moderate: python-tornado security update
Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools. Security Fixes: python-tornado: open redirect vulnerability in StaticFileHandler under certain configurations (CVE-2023-28370). For more details...
PT-2023-27936 · Calico · Calico Typha +1
Name of the Vulnerable Software and Affected Versions: Calico Typha versions 3.26.2 and below; Calico Typha version 3.25.1; Calico Enterprise Typha versions 3.17.1 and below; Calico Enterprise Typha version 3.16.3; Calico Enterprise Typha version 3.15.3. Description: The issue arises when a client TLS...
[SECURITY] Fedora 39 Update: squid-6.4-1.fc39
Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...
[SECURITY] Fedora 39 Update: nodejs20-20.8.1-1.fc39
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed...
[SECURITY] Fedora 39 Update: nodejs18-18.18.2-1.fc39
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed...
[SECURITY] Fedora 37 Update: squid-6.4-1.fc37
Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...
PT-2023-33021 · Ez Systems +1 · Ezpublish-Kernel +4
Name of the Vulnerable Software and Affected Versions: Ibexa DXP and eZ Platform (affected versions not specified); ezsystems/ezplatform-kernel (affected versions not specified); ezsystems/ezpublish-kernel (affected versions not specified); ibexa/core (affected versions not specified). Description: The issue...
Fedora: Security Advisory for squid (FEDORA-2023-df4923cddc)
The remote host is missing an update for the...
ROS-20231030-05
The Apache HTTP Server vulnerability is related to blocking of HTTP/2 connection processing if the connection was opened with the initial sliding window size set to 0. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of servic...
Fedora: Security Advisory for nodejs20 (FEDORA-2023-4d2fd884ea)
The remote host is missing an update for the...
F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution
F5 has alerted customers to a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution. The issue, rooted in the configuration utility component, has been assigned the CVE identifier CVE-2023-46747, and carries a CVSS score of 9.8 out of a maximu...
[SECURITY] Fedora 38 Update: nodejs20-20.8.1-1.fc38
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed...
[SECURITY] Fedora 37 Update: nodejs20-20.8.1-1.fc37
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed...
The vulnerability of the Connectize G6 AC2100 router’s firmware lies in its overly restrictive mechanism for blocking user account data, which allows attackers to execute brute-force attacks.
The vulnerability of the Connectize G6 AC2100 router’s firmware is related to an overly restrictive mechanism for blocking user credentials. Exploiting this vulnerability could allow a malicious actor, operating remotely, to carry out a brute-force attack...
[SECURITY] Fedora 38 Update: nodejs18-18.18.2-1.fc38
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed...
The vulnerability of the WireGuard VPN service, related to errors in handling links, allows a malicious actor to block IP traffic on selected IP addresses.
The vulnerability of the VPN service WireGuard is related to errors in handling links. Exploiting this vulnerability allows a remote attacker to block IP traffic on selected IP addresses...