Fortinet Fortigate xss (FG-IR-23-471)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-471 advisory. - An improper neutralization of input during web page Generation 'Cross-site Scripting' vulnerability CWE-79 in FortiOS versi...

How to Enable Veeam Kasten for Kubernetes Disaster Recovery using CLI

Purpose This article provides step-by-step instructions on how to enable Veeam Kasten for Kubernetes Disaster Recovery KDR using CLI. Veeam Kasten for Kubernetes Documentation - Disaster Recovery Solution 1. Replace in the following command and run it to create a DR secret with a passphrase: Note...

SUSE SLES15 / openSUSE 15 Security Update : aws-nitro-enclaves-cli (SUSE-SU-2024:1966-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1966-1 advisory. - CVE-2023-50711: Fixed out of bounds memory accesses in embedded vmm-sys-util bsc1218501. Tenable has extracted the preceding...

Fortinet Fortigate Weak key derivation for backup file (FG-IR-23-423)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-423 advisory. - A use of password hash with insufficient computational effort vulnerability CWE-916 affecting FortiOS version 7.4.3 and...

Fortinet Fortigate Stack buffer overflow on bluetooth write feature (FG-IR-23-356)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-356 advisory. - A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through...

Docker CLI leaks private registry credentials to registry-1.docker.io

Impact A bug was found in the Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json listing a credsStore or credHelpers that could not be executed would result in any provided credentials being sent to...

GHSA-99PG-GRM5-QQ3V Docker CLI leaks private registry credentials to registry-1.docker.io

Impact A bug was found in the Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json listing a credsStore or credHelpers that could not be executed would result in any provided credentials being sent to...

SUSE-SU-2024:1966-1 Security update for aws-nitro-enclaves-cli

This update for aws-nitro-enclaves-cli fixes the following issues: - CVE-2023-50711: Fixed out of bounds memory accesses in embedded vmm-sys-util bsc1218501...

Fedora: Security Advisory for rust-bodhi-cli (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-varlink-cli (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-tree-sitter-cli (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-tealdeer (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-bindgen-cli (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-askalono-cli (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-dua-cli (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Evmos allows unvested token delegations

Impact What kind of vulnerability is it? Who is impacted? At the moment, users are able to delegate tokens that have not yet been vested. This affects employees and grantees who have funds managed via ClawbackVestingAccount. Patches Has the problem been patched? What versions should users upgrade...

GHSA-7HRH-V6WP-53VW Evmos allows unvested token delegations

Impact What kind of vulnerability is it? Who is impacted? At the moment, users are able to delegate tokens that have not yet been vested. This affects employees and grantees who have funds managed via ClawbackVestingAccount. Patches Has the problem been patched? What versions should users upgrade...

GO-2024-2850 NATS server TLS missing ciphersuite settings when CLI flags used in github.com/nats-io/nats-server

NATS server TLS missing ciphersuite settings when CLI flags used in github.com/nats-io/nats-server...

CVE-2024-23669

An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI...

CVE-2024-23669

An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI...