Important: Red Hat Security Advisory: OpenShift Container Platform 4.5.33 bug fix and security update

Red Hat OpenShift Container Platform release 4.5.33 is now available with updates to packages and images that fix several bugs and add enhancements. This release also includes a security update for Red Hat OpenShift Container Platform 4.5. Red Hat Product Security has rated this update as having ...

Fake-Sms - A Simple Command Line Tool Using Which You Can Skip Phone Number Based SMS Verification By Using A Temporary Phone Number That Acts Like A Proxy

A simple command line tool using which you can skip phone number based SMS verification by using a temporary phone number that acts like a proxy. Note-1: This is just an experimental tool, do not use this in any banking transactions. Unethical use of this tool is strictly not encouraged." Note-2:...

docsify-cli (>=0.1.0 <=1.3.0) potentially affected by CVE-2021-23342 via docsify (=0.0.5)

docsify NPM version =0.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on docsify and may be impacted: - docsify-cli =0.1.0, =1.3.0 Source cves: CVE-2021-23342 Source advisory: OSV:GHSA-2MM9-C2FX-C7M4...

[SECURITY] Fedora 33 Update: podman-3.0.1-1.fc33

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

CVE-2021-24087

Azure IoT CLI extension Elevation of Privilege Vulnerability...

Privilege escalation

Azure IoT CLI extension Elevation of Privilege Vulnerability...

CVE-2021-24087

CVE-2021-24087 is an Elevation of Privilege vulnerability affecting the Azure IoT CLI extension. The CVE is documented by NVD with CVSSv3.1 base score 7.8 (high) and a local, low-attack-complexity vector, indicating attacker requires local access and low privileges to exploit, with no user intera...

CVE-2021-24087 Azure IoT CLI extension Elevation of Privilege Vulnerability

...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.7.0 extras and security update

Red Hat OpenShift Container Platform release 4.7.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release also includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a...

OSV-2021-435 Stack-buffer-overflow in ot::Cli::Interpreter::OutputFormatV

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31232 Crash type: Stack-buffer-overflow READ Crash state: ot::Cli::Interpreter::OutputFormatV ot::Cli::Interpreter::OutputLine ot::Cli::Interpreter::HandleDnsServiceResponse...

OSV-2021-411 UNKNOWN READ in ot::Cli::Interpreter::OutputFormatV

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31002 Crash type: UNKNOWN READ Crash state: ot::Cli::Interpreter::OutputFormatV ot::Cli::Interpreter::OutputLine ot::Cli::SrpServer::ProcessDomain...

CVE-2021-23338

This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function...

CVE-2021-23338

CVE-2021-23338 affects all versions of the qlib package. The CLI workflow function uses an unsafe YAML load, enabling Deserialization of Untrusted Data. There is no explicit exploitation detail provided in the initial documents. Several connected advisories corroborate a Deserialization of Untrus...

CVE-2021-27171

An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of ddd and shell or tshell...

CVE-2021-27173

An issue was discovered on FiberHome HG6245D devices through RP2613. There is a telnet?enable=0&key=calculatedBR0MAC backdoor API, without authentication, provided by the HTTP server. This will remove firewall rules and allow an attacker to reach the telnet server used for the CLI...

Design/Logic Flaw

An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of ddd and shell or tshell...

CVE-2021-27171

The CVE-2021-27171 issue affects FiberHome HG6245D devices through RP2613. It allows starting a Linux telnetd as root on port 26/tcp by issuing CLI commands (ddd and shell/tshell), enabling complete control per the connected sources. Root-level access is the stated impact; no explicit exploitatio...

CVE-2021-27171

An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of ddd and shell or tshell...

CVE-2021-27173

An issue was discovered on FiberHome HG6245D devices through RP2613. There is a telnet?enable=0&key=calculatedBR0MAC backdoor API, without authentication, provided by the HTTP server. This will remove firewall rules and allow an attacker to reach the telnet server used for the CLI...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.5.31 bug fix and security update

Red Hat OpenShift Container Platform release 4.5.31 is now available with updates to packages and images that fix several bugs. This release also includes a security update for Red Hat OpenShift Container Platform 4.5. Red Hat Product Security has rated this update as having a security impact of...