Insecure Certificate Validation

wp-cli/wp-cli uses insecure certificate validation. The vulnerability exists due to an improper error handling in HTTPS requests management...

Cisco Firepower Management Center Information Disclosure (cisco-sa-fmc-infodisc-RJdktM6f)

The version of Cisco Firepower Management Center installed on the remote host is prior to 6.7.0. It is, therefore, affected by a vulnerability as referenced in the cisco-sa-fmc-infodisc-RJdktM6f advisory. Specifically, a vulnerability in the storage of proxy server credentials of Cisco Firepower...

Improper Certificate Validation in WP-CLI framework

Impact An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the communication content, including the ability...

GHSA-RWGM-F83R-V3QJ Improper Certificate Validation in WP-CLI framework

Impact An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the communication content, including the ability...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.7.11 security and bug fix update

Red Hat OpenShift Container Platform release 4.7.11 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a security impact of...

rxvt 2.7.0 / rxvt-unicode 9.22 Code Execution Exploit

rxvt version 2.7.0 and rxvt-unicode version 9.22 incorrectly handles ANSI escape sequences allowing for arbitrary code execution. !/usr/bin/env python Title: rxvt remote code execution over scp with $SHELL=/bin/bash 0day Version: rxvt 2.7.10, rxvt-unicode 9.22 Author: def Date: 2021-05-16 CVE: N/...

GHSA-5RCV-M4M3-HFH7 vulnerabilities

Vulnerabilities for packages: k3d, vt-cli...

GHSA-5RCV-M4M3-HFH7 vulnerabilities

Vulnerabilities for packages: vt-cli, k3d...

stratis-cli bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

stratis-cli bug fix and enhancement update

An update is available for stratis-cli, stratisd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

3.6 bug fix and enhancement update

An update is available for apache-commons-io, atinject, jsr-305, maven-shared-utils, plexus-cipher, aopalliance, plexus-classworlds, guava, apache-commons-cli, plexus-containers, plexus-sec-dispatcher, httpcomponents-client, maven-resolver, apache-commons-lang3, plexus-interpolation, sisu,...

nvme-cli bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

nvme-cli bug fix and enhancement update

An update is available for nvme-cli. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterpris...

docsify-cli (>=0.1.0 <=1.3.0) potentially affected by CVE-2020-7680 via docsify (=0.0.5)

docsify NPM version =0.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on docsify and may be impacted: - docsify-cli =0.1.0, =1.3.0 Source cves: CVE-2020-7680 Source advisory: OSV:GHSA-QPQH-46QJ-VWCW...

openSUSE Security Update : syncthing (openSUSE-2021-688)

"This update for syncthing fixes the following issues : Update to 1.15.0/1.15.1 - This release fixes a vulnerability where Syncthing and the relay server can crash due to malformed relay protocol messages CVE-2021-21404 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

@0xgg/echomd (>=1.0.0 <=1.0.4), @budibase/client (>=3.8.2 <=3.24.3) +117 more potentially affected by CVE-2020-7690 via jspdf (>=1.0.272 <=1.5.2)

jspdf NPM version =1.0.272, =1.0.0, =3.8.2, =0.0.3, =1.0.0, =2.6.4, =1.54.0, =0.2.1, =1.1.4, =0.0.0-dev.0ebca38, =1.0.0, =0.0.98, =1.15.0-alpha.1, =1.18.11 and more Source cves: CVE-2020-7690 Source advisory: OSV:GHSA-VH59-V9R5-4MH4...

Improper Certificate Validation in WP-CLI framework

Description Impact An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the communication content, including...

Improper Certificate Validation in WP-CLI framework

Impact An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the communication content, including the ability...

openSUSE: Security Advisory for syncthing (openSUSE-SU-2021:0688-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2021:0713-1 Security update for syncthing

This update for syncthing fixes the following issues: Update to 1.15.0/1.15.1 This release fixes a vulnerability where Syncthing and the relay server can crash due to malformed relay protocol messages CVE-2021-21404; see GHSA-x462-89pf-6r5h. boo1184428 This release updates the CLI to use...