Lucene search

8014 matches found

vulnersOsv
added 2023/10/20 3:18 p.m. · 5 views

localapp (>=0.1.0 <=0.1.1) potentially affected by CVE-2023-46115 via tauri-cli (=1.1.1)

tauri-cli CARGO version =1.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on tauri-cli and may be impacted: - localapp =0.1.0, =0.1.1 Source cves: CVE-2023-46115 Source advisory: OSV:GHSA-2RCP-JVR4-R259...

CVSS 8.4 · AI score 6.7 · EPSS 0.00192
Exploits 0

Github Security Blog
added 2023/10/20 3:18 p.m. · 172 views

Tauri's Updater Private Keys Possibly Leaked via Vite Environment Variables

Impact This advisory is not describing a vulnerability in the Tauri code base itself but a commonly used misconfiguration which could lead to leaking of the private key and updater key password into bundled Tauri applications using the Vite frontend in a specific configuration. The Tauri...

CVSS 8.4 · AI score 5.5 · EPSS 0.00192
Exploits 0 · References 6 · Affected Software 2

ATTACKERKB
added 2023/10/20 8:15 a.m. · 2 views

CVE-2022-2441

The ImageMagick Engine plugin for WordPress is vulnerable to remote code execution via the 'clipath' parameter in versions up to, and including 1.7.5. This makes it possible for unauthenticated users to run arbitrary commands leading to remote command execution, granted they can trick a site...

CVSS 8.8 · AI score 6.6 · EPSS 0.01074
Exploits 2 · References 7

vulnersOsv
added 2023/10/20 12:30 a.m. · 5 views

azure-cli (=2.41.0), brokerql (>=0.0.1 <=0.0.2) potentially affected by CVE-2023-44690 via mycli (>=1.22.2 <=1.27.0)

mycli PYPI version =1.22.2, =0.0.1, =0.0.2 Source cves: CVE-2023-44690 Source advisory: OSV:GHSA-V9VJ-9PXV-MR2W...

CVSS 7.5 · AI score 7.1 · EPSS 0.0022
Exploits 1

vulnersOsv
added 2023/10/20 12:15 a.m. · 2 views

hass-auth-synology (>=0.0.0 <=0.4.28), homeassistant-cli (=0.2.0) +4 more potentially affected by CVE-2023-41893 via homeassistant (>=0.83.3 <=2023.8.4)

homeassistant PYPI version =0.83.3, =0.0.0, =2021.4.0, =0.4.11, =1.2.0, =0.3.0, =0.13.85 Source cves: CVE-2023-41893 Source advisory: OSV:PYSEC-2023-214...

CVSS 5.4 · AI score 5.9 · EPSS 0.00395
Exploits 0

Positive Technologies
added 2023/10/20 12:00 a.m. · 3 views

PT-2023-12753 · WordPress · Imagemagick Engine

Name of the Vulnerable Software and Affected Versions: ImageMagick Engine plugin for WordPress versions up to, and including 1.7.5 Description: The issue allows for remote code execution via the cli path parameter. This enables unauthenticated users to run arbitrary commands, potentially leading ...

CVSS 8.8 · AI score 9 · EPSS 0.01074
Exploits 2 · References 12

Cvelist
added 2023/10/19 11:35 p.m. · 58 views

CVE-2023-46115 Updater Private Keys Possibly Leaked via Vite Environment Variables in tauri-cli

Tauri is a framework for building binaries for all major desktop platforms. This advisory is not describing a vulnerability in the Tauri code base itself but a commonly used misconfiguration which could lead to leaking of the private key and updater key password into bundled Tauri applications...

CVSS 8.4 · AI score 8.7 · EPSS 0.00192
Exploits 0 · References 2

vulnersOsv
added 2023/10/19 10:15 p.m. · 2 views

azure-cli (=2.41.0), brokerql (>=0.0.1 <=0.0.2) potentially affected by CVE-2023-44690 via mycli (>=1.22.2 <=1.27.0)

mycli PYPI version =1.22.2, =0.0.1, =0.0.2 Source cves: CVE-2023-44690 Source advisory: OSV:PYSEC-2023-213...

CVSS 7.5 · AI score 7.1 · EPSS 0.0022
Exploits 1

vulnersOsv
added 2023/10/18 6:27 p.m. · 3 views

agora (=0.1.0), ashpd (>=0.2.0-alpha <=0.2.0-alpha-3) +29 more potentially affected by CVE-2024-43806 via rustix (=0.37.13)

rustix CARGO version =0.37.13 is affected by a known vulnerability. The following packages have a transitive dependency on rustix and may be impacted: - agora =0.1.0 - ashpd =0.2.0-alpha, =0.2.0, =1.0.2, =0.6.0, =0.4.0, =0.2.0, =0.2.0-beta.4, =0.25.0, =0.4.8, =0.6.2 and more Source cves:...

CVSS 6.5 · AI score 5.8 · EPSS 0.0048
Exploits 0

RedHat Linux
added 2023/10/18 2:47 p.m. · 70 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.11.52 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.52 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a...

CVSS 7.5 · AI score 7.1 · EPSS 0.99999
Exploits 19 · References 13

RedHat Linux
added 2023/10/18 3:01 a.m. · 54 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.39 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.39 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

CVSS 7.5 · AI score 7.1 · EPSS 0.99999
Exploits 19 · References 21

Tenable Nessus
added 2023/10/18 12:00 a.m. · 19 views

Cisco IOS XE Software Web UI Command Injection (cisco-sa-webui-cmdij-FzZAeXAy)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient...

CVSS 8.8 · AI score 8.3 · EPSS 0.0074
Exploits 0 · References 4

Citrix
added 2023/10/18 12:00 a.m. · 6 views

How to check the current TCP connection number of Gateway virtual server

It's not possible to check the current TCP connection number for gateway virtual server on NetScaler GUI, but it can be checked on the NetScaler CLI...

AI score 7
Exploits 0

OSV
added 2023/10/13 12:15 a.m. · 3 views

CVE-2023-44177

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low-privileged attacker to execute specific CLI commands, leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This...

CVSS 5.5 · AI score 5.9 · EPSS 0.00163
Exploits 0 · References 1

NVD
added 2023/10/13 12:15 a.m. · 11 views

CVE-2023-44176

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low-privileged attacker to execute specific CLI commands, leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affect...

CVSS 5.5 · AI score 5.8 · EPSS 0.00163
Exploits 0 · References 1

NVD
added 2023/10/13 12:15 a.m. · 14 views

CVE-2023-44178

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low-privileged attacker to execute specific CLI commands, leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affect...

CVSS 5.5 · AI score 5.8 · EPSS 0.00163
Exploits 0 · References 1

Prion
added 2023/10/13 12:15 a.m. · 18 views

Stack overflow

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low-privileged attacker to execute specific CLI commands, leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This...

CVSS 1.7 · AI score 5.8 · EPSS 0.00163
Exploits 0 · References 1 · Affected Software 2

Prion
added 2023/10/13 12:15 a.m. · 19 views

Stack overflow

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low-privileged attacker to execute specific CLI commands, leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affect...

CVSS 1.7 · AI score 5.8 · EPSS 0.00163
Exploits 0 · References 1 · Affected Software 2

Prion
added 2023/10/13 12:15 a.m. · 19 views

Stack overflow

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low-privileged attacker to execute specific CLI commands, leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affect...

CVSS 1.7 · AI score 5.8 · EPSS 0.00163
Exploits 0 · References 1 · Affected Software 2

CVE
added 2023/10/12 11:01 p.m. · 55 views

CVE-2023-44178

CVE-2023-44178 describes a stack-based buffer overflow in the CLI command processing of Juniper Networks Junos OS. A low-privilege attacker can trigger the overflow by executing specific CLI commands, resulting in a Denial of Service (DoS); repeated actions cause a sustained DoS. Affected Junos O...

CVSS 5.5 · AI score 5.8 · EPSS 0.00163
Exploits 0 · References 1 · Affected Software 1