GO-2023-2378 Go package github.com/edgelesssys/marblerun CLI commands susceptible to MITM attacks
Go package github.com/edgelesssys/marblerun CLI commands susceptible to MITM attacks...
GO-2023-1653 `cilium-cli` disables etcd authorization for clustermesh clusters in github.com/cilium/cilium-cli
cilium-cli disables etcd authorization for clustermesh clusters in github.com/cilium/cilium-cli...
@airgap/beacon-sdk (>=0.0.1 <=0.0.3-beta.9), @altispeed/rn-matrix-core (>=0.0.34 <=0.0.36) +56 more potentially affected by CVE-2024-42369 via matrix-js-sdk (>=0.0.4 <=34.3.0)
matrix-js-sdk NPM version =0.0.4, =0.0.1, =0.0.34, =1.3.0, =1.0.0, =2.0.0, =2.0.0-alpha.3, =2.0.0-alpha.1, =1.4.1, =0.0.1, =0.0.0-development, =0.1.0, =0.17.0, =4.0.1, =0.3.1, =0.8.0 and more Source cves: CVE-2024-42369 Source advisory: OSV:GHSA-VHR5-G3PM-49FM...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-23897: Jenkins Command Line Interface (CLI) Path Traversal Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.63 packages and security update
Red Hat OpenShift Container Platform release 4.12.63 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...
RHEL 8 / 9 : OpenShift Container Platform 4.12.63 (RHSA-2024:5202)
The remote Red Hat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5202 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
GHSA-VWF8-Q6FW-4WCM vulnerabilities
Vulnerabilities for packages: hubble-ui, cilium-cli, hubble...
GHSA-VWF8-Q6FW-4WCM vulnerabilities
Vulnerabilities for packages: hubble-fips, hubble-ui-backend-fips, hubble, hubble-ui, cilium-cli, cilium-fips, cilium...
CVE-2024-42486 vulnerabilities
Vulnerabilities for packages: hubble-ui, cilium-cli, hubble...
GHSA-QCM3-7879-XCWW vulnerabilities
Vulnerabilities for packages: hubble-fips, hubble-ui-backend-fips, hubble, hubble-ui, cilium-cli, cilium-fips, cilium...
GHSA-QCM3-7879-XCWW vulnerabilities
Vulnerabilities for packages: hubble-ui, cilium-cli, hubble...
CVE-2024-42487 vulnerabilities
Vulnerabilities for packages: hubble-fips, hubble-ui-backend-fips, hubble, hubble-ui, cilium-cli, cilium-fips, cilium...
CVE-2023-39325 affecting package cf-cli for versions less than 8.7.3-2
CVE-2023-39325 affecting package cf-cli for versions less than 8.7.3-2. A patched version of the package is available...
USN-6959-1: .NET vulnerability
It was discovered that .NET suffered from an information disclosure vulnerability. An attacker could potentially use this issue to read targeted email messages...
D-Link DAP-2622 Command Injection Remote Code Execution Vulnerability
The D-Link DAP-2622 is a wireless access point (AP) from D-Link designed for wireless network coverage in an enterprise or commercial environment. The D-Link DAP-2622 suffers from a Command Injection Remote Code Execution vulnerability that stems from a Telnet CLI Command Injection Remote Code...
runc: Multiple Vulnerabilities
Background: runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. Description: Multiple vulnerabilities have been discovered in runc. Please review the CVE identifiers referenced below for details. Impact: Please review the referenced CVE identifiers for...
CVE-2024-7480
An improper access control vulnerability was found in Avaya Aura System Manager which could allow a command-line interface (CLI) user with administrative privileges to read arbitrary files on the system. Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer...
CVE-2024-7477 Avaya Aura System Manager SQL injection vulnerability
A SQL injection vulnerability was found which could allow a command line interface (CLI) user with administrative privileges to execute arbitrary queries against the Avaya Aura System Manager database. Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.34 bug fix and security update
Red Hat OpenShift Container Platform release 4.14.34 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...