8009 matches found
CVE-2024-8260 vulnerabilities
Vulnerabilities for packages: cosign, snyk-cli, spire-server, datadog-agent, k8sgpt, zarf, policy-controller, opa, conftest, zot, kubescape, kots, tfsec...
CVE-2024-8260 vulnerabilities
Vulnerabilities for packages: opa, cosign, kyverno, datadog-agent, cosign-fips, zot, policy-controller-fips, conftest, gatekeeper-fips, tfsec, snyk-cli, kots, datadog-agent-fips, policy-controller, gatekeeper, kyverno-fips, spire-server-fips, zarf, kubescape, spire-server, k8sgpt, conftest-fips...
CVE-2024-8260 OPA SMB Force-Authentication
An SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s...
Wordfence Intelligence Weekly WordPress Vulnerability Report (August 19, 2024 to August 25, 2024)
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Through October 14th, researchers can earn up to $31,200, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and ...
Malicious code in subspace-chatbot-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31bfcf245439a664e6089e8a70261797608614e43d5f4c36abd2cf737a4881d9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.64 security update
Red Hat OpenShift Container Platform release 4.12.64 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...
RHEL 8 / 9 : OpenShift Container Platform 4.12.64 (RHSA-2024:5810)
The remote Red Hat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5810 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
CVE-2024-20289 Cisco NX-OS Software Command Injection Vulnerability
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments for a specific CLI command. An...
Cisco NX-OS Software Security Vulnerability
Cisco NX-OS Software is a suite of data center-grade operating system software used by switches from Cisco USA. A security vulnerability exists in Cisco NX-OS Software that stems from insufficient validation of parameters for specific CLI commands. An attacker exploiting this vulnerability could...
PT-2024-6116 · Cisco · Cisco Nx-Os +1
Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to execute arbitrary commands on the underlying operating system...
CVE-2023-45288 affecting package moby-cli for versions less than 24.0.9-3
CVE-2023-45288 affecting package moby-cli for versions less than 24.0.9-3. A patched version of the package is available...
IMAPServer (=0.2.0), IMAPServer-cli (=0.1.0) +369 more potentially affected by unknown CVE via diesel (>=0.10.1 <=2.2.12)
diesel CARGO version =0.10.1, =0.1.0, =0.1.0, =0.1.0, =0.4.0, =0.1.4, =0.1.11, =0.1.0, =0.5.0, =0.1.0, =0.1.2 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0365...
BIT-KEYDB-2021-32762 Integer overflow that can lead to heap overflow in redis-cli, redis-sentinel on some platforms
Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis librar...
RHEL 8 / 9 : OpenShift Container Platform 4.13.48 (RHSA-2024:5446)
The remote Red Hat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5446 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
RHEL 8 / 9 : OpenShift Container Platform 4.15.28 (RHSA-2024:5442)
The remote Red Hat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5442 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
@miragon/miranum-cli (>=0.5.5 <=0.5.12) potentially affected by CVE-2024-40453 via squirrelly (=9.0.0)
squirrelly NPM version =9.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on squirrelly and may be impacted: - @miragon/miranum-cli =0.5.5, =0.5.12 Source cves: CVE-2024-40453 Source advisory: OSV:GHSA-W5PW-GMCW-RFC8...
GO-2022-0960 Flux CLI Workload Injection in github.com/fluxcd/flux2
Flux CLI Workload Injection in github.com/fluxcd/flux2...
GO-2022-0869 Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd...
GO-2022-0395 GitHub CLI can execute a git binary from the current directory in github.com/cli/cli
GitHub CLI can execute a git binary from the current directory in github.com/cli/cli...
GO-2022-0350 Code injection in Stripe CLI on Windows in github.com/stripe/stripe-cli
Code injection in Stripe CLI on Windows in github.com/stripe/stripe-cli...