deno_cli (>=0.18.0-preview4 <=0.23.0), deno_cli_snapshots (>=0.0.3 <=0.19.0) +2 more potentially affected by CVE-2024-27931 via deno (>=0.15.0 <=0.6.0)

deno CARGO version =0.15.0, =0.18.0-preview4, =0.0.3, =0.0.1, =0.23.0 Source cves: CVE-2024-27931 Source advisory: OSV:GHSA-HRQR-JV8W-V9JH...

PT-2024-2100 · Aruba · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS affected versions not specified Description: The issue is related to an arbitrary file deletion vulnerability in the CLI used by ArubaOS. Successful exploitation of this vulnerability results in the ability to delete arbitrary files o...

openSUSE: Security Advisory for php7 (SUSE-SU-2023:0073-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-JW44-4F3J-Q396 vulnerabilities

Vulnerabilities for packages: k9s, cilium-cli...

GHSA-JW44-4F3J-Q396 vulnerabilities

Vulnerabilities for packages: cilium-cli, k9s...

CVE-2019-25210 vulnerabilities

Vulnerabilities for packages: k9s, cilium-cli...

CVE-2019-25210 vulnerabilities

Vulnerabilities for packages: cilium-cli, k9s...

Spring into Action! Earn up to $10,000 with our Extended Bug Bounty Program Extravaganza through Memorial Day!

Spring into action and kick-start your spring cleaning with a tech twist! Were excited to announce the extension of our Bug Bounty Extravaganza through Memorial Day, May 27th, 2024. Now, you have a golden opportunity to earn up to $10,000 for reporting vulnerabilities in WordPress software over t...

Design/Logic Flaw

A vulnerability in the Link Layer Discovery Protocol LLDP feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of specific fields i...

Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Link Layer Discovery Protocol LLDP feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of specific fields i...

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.15.0 bug fix and security update

Red Hat OpenShift Container Platform release 4.15.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

Microsoft Azure MCR VSTS CLI vstscli Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of MCR VSTS CLI for Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of MCR VSTS CLI. When installed from the Microsoft...

CVE-2021-44716 affecting package moby-cli for versions less than 20.10.27-5

CVE-2021-44716 affecting package moby-cli for versions less than 20.10.27-5. A patched version of the package is available...

CVE-2022-21698 affecting package moby-cli for versions less than 20.10.27-5

CVE-2022-21698 affecting package moby-cli for versions less than 20.10.27-5. A patched version of the package is available...

GHSA-R53H-JV2G-VPX6 vulnerabilities

Vulnerabilities for packages: cert-manager-fips, flux-source-controller, helm-operator, up, eksctl, kubevela, chartmuseum, helm-push, flux-helm-controller, k8sgpt, k9s, zarf, cert-manager, cilium-cli, trivy, kubescape, kots, zot...

CVE-2024-25129

The CodeQL CLI repo holds binaries for the CodeQL command line interface CLI. Prior to version 2.16.3, an XML parser used by the CodeQL CLI to read various auxiliary files is vulnerable to an XML External Entity attack. If a vulnerable version of the CLI is used to process either a maliciously...

Xxe

The CodeQL CLI repo holds binaries for the CodeQL command line interface CLI. Prior to version 2.16.3, an XML parser used by the CodeQL CLI to read various auxiliary files is vulnerable to an XML External Entity attack. If a vulnerable version of the CLI is used to process either a maliciously...

CVE-2024-25129 Limited data exfiltration in CodeQL CLI

The CodeQL CLI repo holds binaries for the CodeQL command line interface CLI. Prior to version 2.16.3, an XML parser used by the CodeQL CLI to read various auxiliary files is vulnerable to an XML External Entity attack. If a vulnerable version of the CLI is used to process either a maliciously...

CVE-2024-25129

The CVE-2024-25129 entry concerns CodeQL CLI prior to version 2.16.3, where an XML External Entity flaw in the CLI’s XML parser can cause the CLI to fetch an HTTP URL containing data read from a local file when processing malicious databases or specially crafted QL sources. Impact described as po...

CVE-2024-25129 Limited data exfiltration in CodeQL CLI

The CodeQL CLI repo holds binaries for the CodeQL command line interface CLI. Prior to version 2.16.3, an XML parser used by the CodeQL CLI to read various auxiliary files is vulnerable to an XML External Entity attack. If a vulnerable version of the CLI is used to process either a maliciously...