8022 matches found
Authentication Bypass
org.apache.linkis:linkis-cli-application is vulnerable to Authentication Bypass. The vulnerability exists because the generated default tokens are easy to guess, which allows a remote attacker to bypass authentication mechanisms...
CVE-2023-28966
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS Evolved allows a low-privileged local attacker with shell access to modify existing files or execute commands as root. The issue is caused by improper file and directory permissions on certain system files, allowing an...
CVE-2023-28961
An Improper Handling of Unexpected Data Type vulnerability in IPv6 firewall filter processing of Juniper Networks Junos OS on the ACX Series devices will prevent a firewall filter with the term 'from next-header ah' from being properly installed in the packet forwarding engine PFE. There is no...
Design/Logic Flaw
An Improper Handling of Unexpected Data Type vulnerability in IPv6 firewall filter processing of Juniper Networks Junos OS on the ACX Series devices will prevent a firewall filter with the term 'from next-header ah' from being properly installed in the packet forwarding engine PFE. There is no...
Juniper Networks Junos OS Evolved Security Vulnerability
Juniper Networks Junos OS Evolved is an updated version of Juniper Networks' Junos OS. A security vulnerability exists in Juniper Networks Junos OS Evolved, which can be exploited by a local, low-privileged user with shell access to execute CLI commands as root, and affects the following products...
CVE-2023-28966 Junos OS Evolved: Local low-privileged user with shell access can execute CLI commands as root
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS Evolved allows a low-privileged local attacker with shell access to modify existing files or execute commands as root. The issue is caused by improper file and directory permissions on certain system files, allowing an...
Fortinet Fortigate Ability to modify privileges from Custom to Read-Write (FG-IR-22-346)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-346 advisory. - An improper privilege management vulnerability CWE-269 in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy...
[SECURITY] Fedora 38 Update: podman-4.4.4-3.fc38
podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=podman. Most...
SUSE SLES15: aws-nitro-enclaves-binaryblobs-upstream / aws-nitro-enclaves-cli / etc (SUSE-SU-2023:1844-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1844-1 advisory. Update aws-nitro-enclaves-cli to version 1.2.2git0.4ccc639: CVE-2022-31394: Fixed DoS vulnerability in hyper crate...
CVE-2023-29194
Vitess is a database clustering system for horizontal scaling of MySQL. Users can either intentionally or inadvertently create a keyspace containing / characters such that from that point on, anyone who tries to view keyspaces from VTAdmin will receive an error. Trying to list all the keyspaces...
Design/Logic Flaw
Vitess is a database clustering system for horizontal scaling of MySQL. Users can either intentionally or inadvertently create a keyspace containing / characters such that from that point on, anyone who tries to view keyspaces from VTAdmin will receive an error. Trying to list all the keyspaces...
CVE-2023-29194
Vitess CVE-2023-29194 describes a logic flaw that allows creation of a keyspace containing a slash (/), which can cause VTAdmin (and in some references vtctldclient GetKeyspaces) to error when listing or viewing keyspaces. The underlying issue affects how keyspaces with a slash are handled and ma...
CVE-2023-29194 vitess allows users to create keyspaces that can deny access to already existing keyspaces
Vitess is a database clustering system for horizontal scaling of MySQL. Users can either intentionally or inadvertently create a keyspace containing / characters such that from that point on, anyone who tries to view keyspaces from VTAdmin will receive an error. Trying to list all the keyspaces...
CVE-2023-29194 vitess allows users to create keyspaces that can deny access to already existing keyspaces
Vitess is a database clustering system for horizontal scaling of MySQL. Users can either intentionally or inadvertently create a keyspace containing / characters such that from that point on, anyone who tries to view keyspaces from VTAdmin will receive an error. Trying to list all the keyspaces...
SUSE-SU-2023:1844-1 Security update for aws-nitro-enclaves-cli
This update for aws-nitro-enclaves-cli fixes the following issues: Update aws-nitro-enclaves-cli to version 1.2.2git0.4ccc639: CVE-2022-31394: Fixed DoS vulnerability in hyper crate bsc1208555. Update aws-nitro-enclaves-cli to version 1.2.0git2.841ef94: CVE-2022-24713: Fixed ReDoS vulnerability i...
CVE-2023-1326
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate...
CVE-2023-1326
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate...
Privilege escalation
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate...
CVE-2023-1326 local privilege escalation in apport-cli
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate...
CVE-2023-1326
Technical details for CVE-2023-1326 are not provided in the connected documents. Available sources reference the vulnerability and related CVEs (e.g., CVE-2023-26604) but do not expose affected products, versions, or fixes beyond the apport-cli context.