[SECURITY] Fedora 36 Update: podman-4.0.3-1.fc36

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Security Bulletin: A vulnerability in Docker CLI affects IBM Cloud Pak System (CVE-2021-41092)

Summary Docker CLI is vulnerable to attacks to obtain sensitive information. Docker CLI is used by Cloud Pak System as part to the infrastructure to manage the images and containers in the system. Cloud Pak System addressed this vulnerability. Vulnerability Details CVEID: CVE-2021-41092...

CVE-2022-24884

ecdsautils is a tiny collection of programs used for ECDSA keygen, sign, verify. ecdsaverifypreparelegacy does not check whether the signature values r and s are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple...

Improper access control

An improper access control vulnerability CWE-284 in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attacker with a restricted user profile to gather sensitive information and modify the SSL-VPN tunnel status of other VDOMs using specific CLI commands...

CVE-2021-41032

An improper access control vulnerability CWE-284 in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attacker with a restricted user profile to gather sensitive information and modify the SSL-VPN tunnel status of other VDOMs using specific CLI commands...

CVE-2021-41032

CVE-2021-41032 is an improper access control vulnerability in FortiOS where an authenticated user with a restricted profile can gather sensitive information and modify the SSL-VPN tunnel state of other VDOMs via specific CLI commands. Affected products are FortiOS 6.4.8 and prior and 7.0.3 and pr...

CVE-2021-41032

An improper access control vulnerability CWE-284 in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attacker with a restricted user profile to gather sensitive information and modify the SSL-VPN tunnel status of other VDOMs using specific CLI commands...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.57 security and extras update

Red Hat OpenShift Container Platform release 4.6.57 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a...

CVE-2022-20729

A vulnerability in CLI of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands...

CVE-2022-20729

Cisco Firepower Threat Defense (FTD) Software CLI is affected by an XML injection vulnerability due to insufficient input validation in the command parser. An authenticated, local attacker could supply crafted input to inject XML, potentially causing unexpected command processing and output. Cisc...

CVE-2022-20729 Cisco Firepower Threat Defense Software XML Injection Vulnerability

A vulnerability in CLI of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.10.12 security update

Red Hat OpenShift Container Platform release 4.10.12 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...

CVE-2022-28571

D-link 882 DIR882A1FW130B06 was discovered to contain a command injection vulnerability in/usr/bin/cli...

Command injection

D-link 882 DIR882A1FW130B06 was discovered to contain a command injection vulnerability in/usr/bin/cli...

CVE-2022-28571

D-link 882 DIR882A1FW130B06 was discovered to contain a command injection vulnerability in/usr/bin/cli...

D-link 882 操作系统命令注入漏洞

The D-Link 882 is a router from China-based AUO D-Link. The D-Link 882 suffers from an operating system command injection vulnerability that stems from the inclusion of a command injection vulnerability in /usr/bin/cli...

[SECURITY] Fedora 35 Update: podman-3.4.7-1.fc35

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Fedora: Security Advisory for golang-github-spf13-cobra (FEDORA-2022-5cbd6de569)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for golang-github-spf13-cobra (FEDORA-2022-3a63897745)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: golang-github-spf13-cobra-1.4.0-2.fc34

Cobra is a library providing a simple interface to create powerful modern CLI interfaces similar to git & go tools. Cobra is also an application that will generate your application scaffolding to rapidly develop a Cobra-based application. Cobra provides: - Easy subcommand-based CLIs: app server,...