8010 matches found
MAL-2024-1988 Malicious code in @expue/cli (npm)
--- -= Per source details. Do not edit below this line.=-...
Tp-Link ER7206 Omada Gigabit VPN Router cli_server debug leftover debug code vulnerability
Talos Vulnerability Report TALOS-2024-1947: Tp-Link ER7206 Omada Gigabit VPN Router cli_server debug leftover debug code vulnerability. June 25, 2024. CVE Number: CVE-2024-21827. Summary: A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN...
atuin (>=0.3.0 <=11.0.0), atuin-client (>=0.6.2 <=11.0.0) +27 more potentially affected by unknown CVE via chrono-english (=0.1.8)
chrono-english CARGO version =0.1.8 is affected by a known vulnerability. The following packages have a transitive dependency on chrono-english and may be impacted: - atuin =0.3.0, =0.6.2, =0.6.2, =0.1.0, =1.9.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.4.2, =0.4.0, =0.7.0, =0.0.4, =1.0.0 and more Sour...
Important: docker
Issue Overview: A file permissions vulnerability was found in Moby Docker Engine. Copying files by using into a specially-crafted container can result in Unix file permission changes for existing files in the host's filesystem, which might lead to permissions escalation and allow an attacker acce...
CVE-2024-38359
The Lightning Network Daemon (lnd) is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic could lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version v0.17.0 to be...
CVE-2024-38359
The CVE-2024-38359 vulnerability affects the Lightning Network Daemon (lnd) in its onion processing logic, causing a Denial-of-Service due to excessive memory allocation. It has been patched in lnd v0.17.0; upgrading to a version greater than 0.17.0 mitigates the issue. As a partial mitigation, u...
CVE-2024-38359 Lightning Network Daemon Onion Bomb
The Lightning Network Daemon (lnd) is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic could lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version v0.17.0 to be...
Important: Red Hat Enhancement Advisory: Red Hat OpenShift Pipelines Client tkn for 1.15.0 release
Red Hat OpenShift Pipelines Client tkn for 1.15.0 has been released. Red Hat OpenShift Pipelines Client, tkn for the 1.15.0 release, provides a CLI tool to interact with the Pipelines and Triggers components provided by Red Hat OpenShift Pipelines 1.15.0. The tkn CLI tool is delivered as an RPM...
Wordfence Intelligence Weekly WordPress Vulnerability Report (June 10, 2024 to June 16, 2024)
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $10,400 for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest...
Important: Red Hat Security Advisory: Release of openshift-serverless-clients kn 1.33.0 security update & enhancements
Red Hat openshift-serverless-clients kn 1.33.0 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
@arkxio/ark-ui (>=0.1.0 <=0.1.18), @arkxio/ark-ui-src (=0.1.0) +39 more potentially affected by CVE-2024-38357 via tinymce (>=6.0.0 <=6.8.3)
tinymce NPM version =6.0.0, =0.1.0, =0.1.19, =0.1.0, =0.1.0, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.7 and more Source cves: CVE-2024-38357 Source advisory: OSV:GHSA-W9JX-4G6G-RP7X...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.44 bug fix and security update
Red Hat OpenShift Container Platform release 4.13.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...
K000140043: runc vulnerability CVE-2024-21626
Security Advisory Description: runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process from runc exec to have a working directo...
Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server
Summary: IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 has been published in a security bulletin CVE-2023-45853, CVE-2023-29267, CVE-2024-25710, CVE-2024-26308, CVE-2023-45178, CVE-2024-28762, CVE-2024-28757, CVE-2024-29025,...
CVE-2024-37794
Improper input validation in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT2 input file...
MAL-2024-1622 Malicious code in @corraldev/cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ce1f827fc48514e74b4bd81dc008359f2284ff02be068cbae81851f6e2056ea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
OPENSUSE-SU-2024:10644-1 aws-cli-1.20.7-2.2 on GA media
These are all security issues fixed in the aws-cli-1.20.7-2.2 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:12695-1 cilium-cli-0.12.13-1.1 on GA media
These are all security issues fixed in the cilium-cli-0.12.13-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:12787-1 oci-cli-3.23.3-1.1 on GA media
These are all security issues fixed in the oci-cli-3.23.3-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11175-1 platformsh-cli-3.67.2-1.2 on GA media
These are all security issues fixed in the platformsh-cli-3.67.2-1.2 package on the GA media of openSUSE Tumbleweed...