[SECURITY] Fedora 39 Update: php-bartlett-PHP-CompatInfo-7.1.4-3.fc39

PHPCompatInfo will parse a file/folder/array to find out the minimum version and extensions required for it to run. CLI version has many reports extension, interface, class, function, constant to display and ability to show content of dictionary references...

CVE-2021-34752

A vulnerability in the CLI of Cisco FTD Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands with root privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of...

CVE-2023-20093

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An...

CVE-2023-20090

A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to improper access control on certain CLI commands. An attacker could exploit this vulnerability by running a series of...

CVE-2023-20090

A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to improper access control on certain CLI commands. An attacker could exploit this vulnerability by running a series of...

CVE-2023-20004

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An...

CVE-2022-20655

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this...

CVE-2022-20655

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this...

CVE-2023-20090 Cisco TelePresence Collaboration Endpoint and RoomOS Software Privilege Escalation Vulnerability

A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to improper access control on certain CLI commands. An attacker could exploit this vulnerability by running a series of...

CVE-2023-20091 Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system. An attacker...

Malicious code in quality-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f01f544d6f653ee39d1d5c68a0b5795305468c31c30f8ed337e10e39387d63e7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10772 Malicious code in quality-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f01f544d6f653ee39d1d5c68a0b5795305468c31c30f8ed337e10e39387d63e7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in pvct-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 97125a9e23577624ce75d1c18f9ef230f8dee8ab03e9122e21afcadedbf22b0a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10771 Malicious code in pvct-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 97125a9e23577624ce75d1c18f9ef230f8dee8ab03e9122e21afcadedbf22b0a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in preact-cli-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b97d147bbe2f906512da2cfa2de62ecc0c18b2afd14ceb1dfd755122300ea57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10769 Malicious code in preact-cli-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b97d147bbe2f906512da2cfa2de62ecc0c18b2afd14ceb1dfd755122300ea57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Fedora 38 : azure-cli (2022-ea9c1a9b20)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-ea9c1a9b20 advisory. Automatic update for azure-cli-2.41.0-2.fc38. Changelog Thu Oct 27 2022 Major Hayden 2.41.0-2 - Fix az local dir import bug rhbz2053193 Tenable has extracted...

CVE-2024-52308

The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using gh codespace ssh or gh codespace logs commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an SSH server running with...

AZL-53217 CVE-2024-52308 affecting package gh for versions less than 2.62.0-1

The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using gh codespace ssh or gh codespace logs commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an SSH server running with...

DEBIAN-CVE-2024-52308

The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using gh codespace ssh or gh codespace logs commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an SSH server running with...