8012 matches found
0xsodium (>=0.2.0 <=0.14.0), 1password-config (=0.0.1) +11410 more potentially affected by CVE-2022-32210 via undici (>=4.9.3 <=5.4.0)
undici NPM version =4.9.3, =0.2.0, =1.0.0, =0.2.0, =0.4.0, =0.1.0, =0.0.1, =1.0.21, =1.0.1, =2.1.0, =2.1.0, =2.1.1 and more Source cves: CVE-2022-32210 Source advisory: OSV:GHSA-PGW7-WX7W-2W33...
CVE-2022-1833
A flaw was found in AMQ Broker Operator, installed via UI using the OperatorHub. In this vulnerability, a low-privilege user with access to the Operator deployed namespace has access to cluster-wide edit rights. This flaw allows an attacker to have full cluster management access. Mitigation In...
CVE-2022-32156
In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by default. After updating to version 9.0, see Configure TLS host name validation for the Splunk CLI...
Design/Logic Flaw
In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by default. After updating to version 9.0, see Configure TLS host name validation for the Splunk CLI...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.9.38 packages and security update
Red Hat OpenShift Container Platform release 4.9.38 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a...
CVE-2022-32156 Splunk Enterprise and Universal Forwarder CLI connections lacked TLS cert validation
In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by default. After updating to version 9.0, see Configure TLS host name validation for the Splunk CLI...
CVE-2022-32156
CVE-2022-32156 affects Splunk Enterprise and Universal Forwarder prior to 9.0, where the CLI did not validate TLS certificates when connecting to a remote Splunk platform. The issue’s root cause is missing TLS host-name validation by default, potentially enabling misconfigured nodes to bypass val...
CVE-2022-32564
An issue was discovered in Couchbase Server before 7.0.4. In couchbase-cli, server-eshell leaks the Cluster Manager cookie...
npm CLI information disclosure vulnerability
npm CLI is a package manager from the US company npm. An information disclosure vulnerability exists in the npm CLI npm-packlist version v7.9.0 and v7.13.0, which stems from a runtime omission of the root-level .gitignore and .npmignore file exclusion directives...
ghost-in-the-machine (=0.0.70), restful-starlette (>=0.0.1 <=0.0.4) +3 more potentially affected by CVE-2022-2054 via nuitka (>=0.6.10 <=0.6.19.7)
nuitka PYPI version =0.6.10, =0.0.1, =0.0.8, =7.15.0, =7.15.3 - teamscale-cli =7.1.0 Source cves: CVE-2022-2054 Source advisory: OSV:PYSEC-2022-209...
Updated python-ujson packages fix security vulnerability
Benchmark refactor - argparse CLI. Fix segmentation faults when errors occur while handling unserialisable objects. Fix segmentation fault when an exception is raised while converting a dict key to a string. Fix memory leak dumping on non-string dict keys - Fix ref counting on repeated default...
MGASA-2022-0222 Updated python-ujson packages fix security vulnerability
Benchmark refactor - argparse CLI. Fix segmentation faults when errors occur while handling unserialisable objects. Fix segmentation fault when an exception is raised while converting a dict key to a string. Fix memory leak dumping on non-string dict keys - Fix ref counting on repeated default...
FortiAP-U - Relative path traversal vulnerability in CLI
A path traversal vulnerability (CWE-22) in FortiAP-U CLI may allow an admin user to delete and access unauthorized files and data via specifically crafted CLI commands...
Exploit for Code Injection in Vmware Identity_Manager
CVE-2022-22954 PoC VMware Workspace ONE Access and Identity M...
Exploit for Improper Privilege Management in Kramerav Viaware
CVE-2021-36356 and CVE-2021-35064 PoC Usage: bash...
A vulnerability in the CLI component of the Cisco IOS XE operating system for Cisco Catalyst 9000 Series network devices allows an attacker to escalate their privileges or execute arbitrary commands.
The vulnerability in the CLI component of the Cisco IOS XE operating system for Cisco Catalyst 9000 Series network devices is related to privilege assignment errors. Exploiting this vulnerability can allow an attacker to escalate their privileges or execute arbitrary commands...
Fedora: Security Advisory for golang-github-opencontainers-runc (FEDORA-2022-d1f55f8fd0)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...