8012 matches found
Deserialization Of Untrusted Data
ops-cli is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper handling of user-supplied data in the checkoutrepo function, which allows an attacker to execute arbitrary code on the victim's machine...
CVE-2022-41717 affecting package moby-cli for versions less than 24.0.9-1
CVE-2022-41717 affecting package moby-cli for versions less than 24.0.9-1. An upgraded version of the package is available that resolves this issue...
Moderate: podman security and bug fix update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods are a concept in Kubernetes. Security Fixes: podman: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in...
Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2024-590)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-590 advisory. T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file (CVE-2024-2955). Tenable has extracted the preceding description...
RHEL 8 / 9 : skupper-cli and skupper-router (RHSA-2023:6165)
The remote Red Hat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6165 advisory. Security Fixes: golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487, CVE-2023-39325); HTTP/2: Multip...
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0776)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0776 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
Url-Status-Checker - Tool For Swiftly Checking The Status Of URLs
Status Checker is a Python script that checks the status of one or multiple URLs/domains and categorizes them based on their HTTP status codes. Version: 1.0.0. Created by BLACK-SCORP10 (t.me/BLACK-SCORP10). Features: Check the status of single or multiple URLs/domains. Asynchronous HTTP requests for...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.22 bug fix and security update
Red Hat OpenShift Container Platform release 4.14.22 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.56 security update
Red Hat OpenShift Container Platform release 4.12.56 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...
Microsoft Azure Command-Line Interface (CLI) Extensions Installed (Windows)
Binary data azurecliextensionswindetect.nbin...
Microsoft Azure CLI Confcom Extension < 0.3.3 Privilege Escalation
An elevation of privilege vulnerability exists in the Microsoft Azure CLI Confcom extension. An unauthenticated, remote attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
HTTPS configuration between Brocade SANnav Management Portal and Brocade SAN switches (no CVE)
A security researcher reported a lack of encryption in Brocade SANnav for management protocol HTTP. The researcher states: By default, the appliance can be installed with these options: To configure HTTP or HTTPS connections between SANnav Management Portal and SAN switches, select one of the...
Improper Authentication
jenkins-core is vulnerable to Improper Authentication. The vulnerability is due to the CLI using remote-based commands that stored encrypted user names in a cache, particularly the login command, enabling an attacker with certain permissions to impersonate any Jenkins user...
PT-2024-25804 · Node.Js +1 · Node.Js +2
Name of the Vulnerable Software and Affected Versions: @hoppscotch/cli versions prior to 0.8.0. Description: The @hoppscotch/cli is a CLI to run Hoppscotch Test Scripts in CI environments. Prior to version 0.8.0, the @hoppscotch/js-sandbox package provides a JavaScript sandbox that uses the Node.j...
Fortinet FortiSandbox OS Command Injection Vulnerability (CNVD-2024-20429)
Fortinet FortiSandbox is an APT (Advanced Persistent Threat) protection appliance from Fortinet. The appliance offers dual sandboxing technology, a dynamic threat intelligence system, a real-time control panel and reporting. Fortinet FortiSandbox suffers from an operating system command injection...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.40 packages and security update
Red Hat OpenShift Container Platform release 4.13.40 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...
Juniper Junos OS Vulnerability (JSA75744)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75744 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Networks Junos OS on MX Series allows a network-based attacker with low...
@cardinal/namespaces-components (>=4.1.0 <=5.0.0), @frakters/fusion-pool (>=1.0.0 <=1.0.4) +1 more potentially affected by CVE-2024-30253 via @solana/web3.js (=1.32.0)
@solana/web3.js NPM version =1.32.0 is affected by a known vulnerability. The following packages have a transitive dependency on @solana/web3.js and may be impacted: - @cardinal/namespaces-components =4.1.0, =1.0.0, =0.0.29, =0.0.32 Source cves: CVE-2024-30253 Source advisory:...
@strata-foundation/governance-cli (>=3.11.0 <=3.11.2) potentially affected by CVE-2024-30253 via @solana/web3.js (=1.22.0)
@solana/web3.js NPM version =1.22.0 is affected by a known vulnerability. The following packages have a transitive dependency on @solana/web3.js and may be impacted: - @strata-foundation/governance-cli =3.11.0, =3.11.2 Source cves: CVE-2024-30253 Source advisory: OSV:GHSA-8M45-2RJM-J347...
OSV-2024-264 UNKNOWN READ in cli_html_normalise
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67953 Crash type: UNKNOWN READ Crash state: cli_html_normalise htmlnormalisemap cliscanhtml...