8005 matches found
windmill-cli (>=0.0.1 <=0.0.13) potentially affected by CVE-2024-49770 via @oakserver/oak (>=12.6.2 <=14.1.0)
@oakserver/oak NPM version =12.6.2, =0.0.1, =0.0.13 Source cves: CVE-2024-49770 Source advisory: OSV:GHSA-QM92-93FV-VH7M...
CVE-2024-28180 affecting package dcos-cli for versions less than 1.2.0-19
CVE-2024-28180 affecting package dcos-cli for versions less than 1.2.0-19. A patched version of the package is available...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.37 packages and security update
Red Hat OpenShift Container Platform release 4.15.37 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...
A vulnerability in the command-line interface (CLI) of Cisco IOS XR operating systems allows an attacker to execute arbitrary commands and escalate their privileges.
The vulnerability in the command-line interface (CLI) of Cisco IOS XR operating systems stems from a failure to neutralize special elements used in operating system commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands and increase their...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.3 security update
Red Hat OpenShift Container Platform release 4.17.3 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...
@herodevs/cli (>=1.0.0-beta.2 <=2.0.0-beta.4), @socketsecurity/cli (>=0.10.0 <=0.11.1) +2 more potentially affected by CVE-2024-50611 via @cyclonedx/cdxgen (>=10.11.0 <=11.11.0)
@cyclonedx/cdxgen NPM version =10.11.0, =1.0.0-beta.2, =0.10.0, =0.1.0, =1.3.0, =1.6.1 Source cves: CVE-2024-50611 Source advisory: OSV:GHSA-HXF3-VGPM-FV9P...
Fortinet Fortigate Stack-based buffer overflows in diagnostic CLI commands (FG-IR-21-179)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-179 advisory. - A stack-based buffer overflow vulnerability CWE-121 in the command line interpreter of FortiOS before 7.0.4 and FortiProxy...
Fortinet Fortigate Disclosure of other VDOMs information through CLI commands (FG-IR-20-243)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-243 advisory. - An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2....
Fortinet Fortigate Hardcoded symmetric key in fips.c (FG-IR-19-007)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-19-007 advisory. - Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an...
Fortinet FortiWeb Multiple stack-based buffer overflow vulnerabilities in CLI command (FG-IR-20-206)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-206 advisory. - A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute...
Fortinet Fortigate Stack-based buffer overflows via crafted CLI commands (FG-IR-21-206)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-206 advisory. - A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiAnalyzer version 7.0.2 and below,...
Cisco Adaptive Security Appliance Software SSH Remote Command Injection Vulnerability (cisco-sa-asa-ssh-rce-gRAuPEUF)
A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to execute operating system commands as root. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...
b4ae (>=2.0.0 <=2.1.3), clatter (>=0.1.2-alpha <=2.0.0-rc.1) +26 more potentially affected by unknown CVE via pqcrypto-kyber (>=0.1.2 <=0.8.1)
pqcrypto-kyber CARGO version =0.1.2, =2.0.0, =0.1.2-alpha, =0.1.4, =0.1.1, =0.1.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.5.0 - qux-pqc =1.0.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0381...
A vulnerability in the PFE (evo-pfemand) control daemon in JunOS Evolved operating systems allows an intruder to trigger a service failure.
The vulnerability in the PFE evo-pfemand control daemon for JunOS Evolved is related to the uncontrolled allocation of resources. Exploiting this vulnerability allows a malicious actor to cause service failures by executing arbitrary commands through the command line interface, or by sending...
RHEL 8 / 9 : OpenShift Container Platform 4.16.18 (RHSA-2024:8263)
The remote Red Hat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8263 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
@adobe/git-server (>=0.9.17 <=1.0.5), @adobe/helix-cli (>=0.3.0-SNAPSHOT.293 <=6.1.0) +69 more potentially affected by CVE-2024-48964 via snyk-gradle-plugin (>=1.0.2 <=3.9.0)
snyk-gradle-plugin NPM version =1.0.2, =0.9.17, =0.3.0-SNAPSHOT.293, =2.6.0, =1.0.5-SNAPSHOT.105, =0.0.4, =8.0.36, =5.0.22, =3.10.42, =0.0.70, =0.5.8, =3.2.4, =0.1.3, =0.0.2, =0.0.3 and more Source cves: CVE-2024-48964 Source advisory: OSV:GHSA-QQQW-GM93-QF6M...
GHSA-69F9-H8F9-7VJF vulnerabilities
Vulnerabilities for packages: snyk-cli...
GHSA-QQQW-GM93-QF6M vulnerabilities
Vulnerabilities for packages: snyk-cli...