CVE-2024-9158

A stored cross site scripting vulnerability exists in Nessus Network Monitor where an authenticated, privileged local attacker could inject arbitrary code into the NNM UI via the local CLI...

CVE-2024-9158

A stored cross site scripting vulnerability exists in Nessus Network Monitor where an authenticated, privileged local attacker could inject arbitrary code into the NNM UI via the local CLI...

CVE-2024-9158 XSS

A stored cross site scripting vulnerability exists in Nessus Network Monitor where an authenticated, privileged local attacker could inject arbitrary code into the NNM UI via the local CLI...

CVE-2024-9158 XSS

A stored cross site scripting vulnerability exists in Nessus Network Monitor where an authenticated, privileged local attacker could inject arbitrary code into the NNM UI via the local CLI...

CVE-2024-9158

CVE-2024-9158 is a stored cross-site scripting vulnerability in Nessus Network Monitor (NNM). The available connected sources confirm: an authenticated, privileged local attacker can inject arbitrary code into the NNM UI via the local CLI. Affected software is Nessus Network Monitor prior to vers...

RLSA-2024:7262 Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...

osbuild-composer security update

An update is available for osbuild-composer. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A service for building customized OS artifacts, such as VM images an...

PT-2024-39461 · Tenable · Nessus Network Monitor

Name of the Vulnerable Software and Affected Versions: Nessus Network Monitor versions 6.4.1 and earlier Description: A stored cross site scripting vulnerability exists in Nessus Network Monitor where an authenticated, privileged local attacker could inject arbitrary code into the NNM UI via the...

OPENSUSE-SU-2024:14374-1 argocd-cli-2.12.4-1.1 on GA media

These are all security issues fixed in the argocd-cli-2.12.4-1.1 package on the GA media of openSUSE Tumbleweed...

Important: Red Hat Security Advisory: osbuild-composer security update

An update for osbuild-composer is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

Important: Red Hat Security Advisory: osbuild-composer security update

An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

ALSA-2024:7262 Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...

Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...

AeP (>=0.1.0 <=0.1.3), ApacheLogAnonymizer (>=0.1.0 <=0.1.1) +24249 more potentially affected by unknown CVE via atty (>=0.1.2 <=0.2.14)

atty CARGO version =0.1.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.8, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.4 - IMAPServer =0.2.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0375...

CVE-2024-42506 Unauthenticated Command Injection Vulnerabilities in the CLI Service Accessed by the PAPI Protocol

Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these vulnerabilities results in the...

Cisco IOS XR Software CLI Privilege Escalation (cisco-sa-iosxr-priv-esc-CrG5vhCq)

According to its self-reported version, Cisco IOS XR is affected by a vulnerability. - A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This...

RHSA-2024:1752 Red Hat Security Advisory: GitOps 1.12.1- Argo CD CLI and MicroShift GitOps security update

Bulletin has no description...

CVE-2024-42503

CVE-2024-42503 is an authenticated command execution vulnerability in ArubaOS CLI. Exploitation enables running arbitrary commands as a privileged OS user. The connected Nessus entry HPESBNW04709 notes affected ArubaOS versions: ArubaOS 8.10.x before 8.10.0.14, 8.12.x before 8.12.0.2, and 10.6.x ...

Updated python-tqdm package fixes security vulnerability

Any optional non-boolean CLI arguments e.g. --delim, --buf-size, --manpath are passed through python's eval, allowing arbitrary code execution. This issue is only locally exploitable...

RHSA-2018:2837 Red Hat Security Advisory: ceph-iscsi-cli security update

Bulletin has no description...