com.amazonaws.serverless:aws-serverless-java-container-struts (>=1.9 <=1.9.4), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (>=4.0.2 <=5.0.6) +77 more potentially affected by CVE-2025-64775 via org.apache.struts:struts2-core (>=6.0.0 <=6.7.4)

org.apache.struts:struts2-core MAVEN version =6.0.0, =1.9, =4.0.2, =4.0.2, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =1.4.0, =1.4.1, =1.4.0, =1.4.3 and more Source cves: CVE-2025-64775 Source advisory: SNYK:JAVA-ORG...

Lazywarden - Automatic Bitwarden Backup

Secure, Automated, and Multi-Cloud Bitwarden Backup and Import System Lazywarden is a Python automation tool designed to Backup and Restore data from your vault, including Bitwarden attachments. It allows you to upload backups to multiple cloud storage services and receive notifications across...

fence-agents security update

4.10.0-62.3 - bundled jinja2: fix CVE-2024-34064 Resolves: RHEL-36482 4.10.0-62.2 - fenceeps: add fenceepsr2 for ePowerSwitch R2 and newer Resolves: RHEL-35273 4.10.0-62.1 - ha-cloud-support: upgrade bundled pyroute2 libs to fix issue in gcp-vpc-move-route's stop-action Resolves: RHEL-29668...

com.amazonaws.serverless:aws-serverless-java-container-struts (>=1.9 <=1.9.3), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (>=5.0.0 <=5.0.2) +52 more potentially affected by CVE-2023-50164 via org.apache.struts:struts2-core (>=6.0.0 <=6.3.0.1)

org.apache.struts:struts2-core MAVEN version =6.0.0, =1.9, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =1.4.0, =1.4.1, =1.4.0, =1.4.3 and more Source cves: CVE-2023-50164 Source advisory: OSV:GHSA-2J...

Agile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints Ahead

Developers are not the only people who have adopted the agile methodology for their development processes. From 2023-06-15 to 2023-07-11, Permiso Security's p0 Labs team identified and tracked an attacker developing and deploying eight 8 incremental iterations of their credential harvesting malwa...

com.amazonaws.serverless:aws-serverless-java-container-struts (>=1.9 <=1.9.3), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (>=5.0.0 <=5.0.2) +50 more potentially affected by CVE-2023-34149 via org.apache.struts:struts2-core (>=6.0.0 <=6.1.2)

org.apache.struts:struts2-core MAVEN version =6.0.0, =1.9, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =1.4.0, =1.4.1, =1.4.0, =1.4.3 and more Source cves: CVE-2023-34149 Source advisory: OSV:GHSA-8F6X...

Arista Networks CloudEOS 资源管理错误漏洞

Arista Networks CloudEOS is a new platform version of EOS Arista Networks Extensible Operating System that supports Amazon Web Service AWS, Microsoft Azure and other public clouds. A security vulnerability exists in Arista Networks CloudEOS that results in a denial-of-service attack by sending...

SUSE-SU-2022:0593-1 Security update for SUSE Manager Server 4.2

This update fixes the following issues: c3p0: - Build with log4j mapper dhcpd-formula: - Update to version 0.1.1641480250.d5bd14c make routers option optional hibernate5: - Fix potential SQL injection CVE-2020-25638 bsc1193832 mgr-libmod: - Version 4.2.7-1 require python macros for building...

Expanded Cloud Misconfiguration & IaaS Security

Cloud One – Conformity has expanded its support for multi-clouds and Terraform users to add even more configuration checks so cloud projects are built on a foundation of best practice security and compliance...

Expanded Cloud Misconfiguration & IaaS Security

Cloud One – Conformity has expanded its support for multi-clouds and Terraform users to add even more configuration checks so cloud projects are built on a foundation of best practice security and compliance...

OPENSUSE-SU-2021:2106-1 Security update for salt

This update for salt fixes the following issues: Update to Salt release version 3002.2 jscECO-3212, jscSLE-18033, jscSLE-18028 - Check if dpkgnotify is executable bsc1186674 - Drop support for Python2. Obsoletes python2-salt package jscSLE-18028 - virt module updates network: handle missing ipv4...

Security update for salt (critical)

openSUSE Security Update: Security update for salt Announcement ID: openSUSE-SU-2021:2106-1 Rating: critical References: 1171257 1176293 1179831 1181368 1182281 1182293 1182382 1185092 1185281 1186674 ECO-3212 SLE-18028 SLE-18033 Cross-References: CVE-2018-15750 CVE-2018-15751 CVE-2020-11651...

SUSE-SU-2021:2102-1 Security update for Salt

This update fixes the following issues: salt: - Parsing Epoch out of version provided during pkg remove bsc1173692 - Fix issue parsing errors in ansiblegate state module - Prevent command injection in the snapper module bsc1185281 CVE-2021-31607 - Transactionalupdate: detect recursion in the...

Protecting multi-cloud environments with Azure Security Center

We’ve heard from many of you that multi-cloud adoption is becoming a standard operating model for your organization and that it’s challenging to have the right security controls and posture across your environment. Historically, security teams have not had effective tools to secure multi-cloud...

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-zb

Summary AT&T has released versions 1801-zb for the Vyatta 5600. Details of these releases can be found at https://cloud.ibm.com/docs/infrastructure/virtual-router-appliance?topic=virtual-router-appliance-at-t-vyatta-5600-vrouter-software-patchesat-t-vyatta-5600-vrouter-software-patches...

Security Bulletin: IBM Cloud Kubernetes Service is affected by a privilege escalation vulnerability in Kubernetes API server

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in Kubernetes which in some cases can allow unauthorized access to the Kubernetes API Server and/or trusted user privilege escalation. Vulnerability Details CVEID: CVE-2018-1002105 DESCRIPTION: Kubernetes could allow a...

Aker - SSH Bastion/Jump Host/Jumpserver

Aker is a security tool that helps you configure your own Linux ssh jump/bastion host. Named after an Egyptian mythology deity who guarded the borders, Aker would act as choke point through which all your sysadmins and support staff access Linux production servers. Aker SSH gateway includes a lot...

Olive File Manager 1.0.1 iOS - Multiple Vulnerabilities

No description provided by source. Title: ====== Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities Date: ===== 2013-07-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1009 VL-ID: ===== 1009 Common Vulnerability Scoring System:...