8005 matches found
CVE-2024-35274
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability (CWE-22) in Fortinet FortiAnalyzer versions below 7.4.2, Fortinet FortiManager versions below 7.4.2 and Fortinet FortiAnalyzer-BigData version 7.4.0 and below 7.2.7 allows a privileged attacker with read...
CVE-2024-32116
Multiple relative path traversal vulnerabilities (CWE-23) in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData version 7.4.0 and before 7.2.7 allow a privileged attacker to delete files from the...
CVE-2024-31496
A stack-based buffer overflow vulnerability (CWE-121) in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData 7.4.0 and before 7.2.7 allows a privileged attacker to execute unauthorized code or...
CVE-2024-31496
CVE-2024-31496 affects Fortinet FortiManager and FortiAnalyzer families. A stack-based buffer overflow (CWE-121) exists in FortiManager versions 7.4.0–7.4.2 and before 7.2.5, FortiAnalyzer versions 7.4.0–7.4.2 and before 7.2.5, and FortiAnalyzer-BigData 7.4.0 and before 7.2.7. The vulnerability a...
CVE-2024-35274
CVE-2024-35274 describes a Path Traversal vulnerability affecting Fortinet FortiAnalyzer (versions below 7.4.2), FortiManager (below 7.4.2), and FortiAnalyzer-BigData (below 7.2.7 and 7.4.0). The underlying issue is an improper limitation of a pathname to a restricted directory, allowing a privil...
Important: Red Hat Security Advisory: osbuild-composer security update
An update for osbuild-composer is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabili...
[SECURITY] Fedora 40 Update: podman-5.2.5-2.fc40
podman (Pod Manager) is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=podman. Most...
Jenkins CLI - Java Deserialization
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java SignedObject object to the Jenkins CLI, that would be deserialized...
The vulnerability of the command-line interface (CLI) of Juniper Networks Junos OS-based SRX routers allows an attacker to gain unauthorized access to protected information.
The vulnerability of the command-line interface (CLI) of Juniper Networks Junos OS routers of the SRX series relates to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
NetScaler MPX/SDX: LOM GUI is not accessible.
Unable to access the GUI of configured LOM IP. CLI access to LOM IP works but does not behave as expected...
CVE-2024-28180 affecting package dcos-cli for versions less than 1.2.0-16
CVE-2024-28180 affecting package dcos-cli for versions less than 1.2.0-16. A patched version of the package is available...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=3.4.0 <=7.4.5), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.7.7 <=7.4.5) +181 more potentially affected by CVE-2024-52007 via ca.uhn.hapi.fhir:org.hl7.fhir.r4b (>=5.6.22 <=6.3.9)
ca.uhn.hapi.fhir:org.hl7.fhir.r4b MAVEN version =5.6.22, =3.4.0, =5.7.7, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =6.2.0, =6.8.0, =6.4.0, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =5.7.7, =6.8.0 and more Source cves: CVE-2024-52007 Source advisory: OSV:GHSA-GR3C-Q7XF-47VH...
CVE-2024-50378
Airflow versions before 2.10.3 have a vulnerability that allows authenticated users with audit log access to see sensitive values in audit logs which they should not see. When sensitive variables were set via airflow CLI, values of those variables appeared in the audit log and were stored...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.40 packages and security update
Red Hat OpenShift Container Platform release 4.14.40 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...