9246 matches found
CVE-2023-38371 IBM Security Access Manager Docker information disclosure
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 261198...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Owncloud Graph_Api
PT-2024-12251 · IBM · IBM Security Access Manager Docker
Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager Docker versions 10.0.0.0 through 10.0.7.1 Description: The issue allows a local user to obtain root access due to improper access controls. Recommendations: For IBM Security Access Manager Docker versions 10.0.0.0...
PT-2024-12719 · IBM · IBM Security Access Manager Docker
Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager Docker versions 10.0.0.0 through 10.0.7.1 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information...
PT-2024-12716 · IBM · IBM Security Access Manager
Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager Docker versions 10.0.0.0 through 10.0.7.1 Description: The issue could disclose sensitive information to a local user due to improper permission controls. Recommendations: For versions 10.0.0.0 through 10.0.7.1,...
PT-2024-12250 · IBM · IBM Security Access Manager
Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager Docker versions 10.0.0.0 through 10.0.7.1 Description: The issue allows a local user to obtain root access due to improper access controls. Recommendations: For versions 10.0.0.0 through 10.0.7.1, update to a versi...
Security Bulletin: IBM Edge Application Manager 4.5.6 addresses the security vulnerabilities listed in the CVEs below.
Summary: IBM Edge Application Manager 4.5.6 addresses the security vulnerabilities listed in the CVEs below. Vulnerability Details: CVEID: CVE-2024-29018 DESCRIPTION: moby could allow a remote attacker to obtain sensitive information, caused by incorrect resource transfer between spheres. By sending...
Security Bulletin: IBM Security Verify Access is vulnerable to multiple Security Vulnerabilities
Summary: The IBM Security Verify Access Appliance and IBM Security Verify Access Container have addressed multiple vulnerabilities in release 10.0.8.0. Vulnerability Details: CVEID: CVE-2023-38371 DESCRIPTION: IBM Security Access Manager uses weaker than expected cryptographic algorithms that could...
Automad 2.0.0-alpha.4 Cross Site Scripting
Exploit Title: Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS) Date: 20-06-2024 Exploit Author: Jerry Thomas w3bn00b3r Vendor Homepage: https://automad.org Software Link: https://github.com/marcantondahmen/automad Category: Web Application Flat File CMS Version: 2.0.0-alpha.4 Tested on:...
Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)
Exploit Title: Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS) Date: 20-06-2024 Exploit Author: Jerry Thomas w3bn00b3r Vendor Homepage: https://automad.org Software Link: https://github.com/marcantondahmen/automad Category: Web Application Flat File CMS Version: 2.0.0-alpha.4 Tested on:...
Malicious code in remove-docker-tag (npm)
MAL-2024-2956 Malicious code in remove-docker-tag (npm)
Malicious code in browserstack-docker-example (npm)
MAL-2024-1842 Malicious code in browserstack-docker-example (npm)
SUSE-SU-2024:2182-1 Security update for python-docker
This update for python-docker fixes the following issues: - CVE-2024-35195: Fixed missing certificate verification bsc1224788...
Critical RCE Vulnerability Discovered in Ollama AI Infrastructure Tool
Cybersecurity researchers have detailed a now-patched security flaw affecting the Ollama open-source artificial intelligence (AI) infrastructure platform that could be exploited to achieve remote code execution. Tracked as CVE-2024-37032, the vulnerability has been codenamed Probllama by cloud...
Improper line feed handling in zenml
A denial of service (DoS) vulnerability exists in zenml-io/zenml version 0.56.3 due to improper handling of line feed (\n) characters in component names. When a low-privileged user adds a component through the API endpoint api/v1/workspaces/default/components with a name containing a \n character, it...
GHSA-7GJR-HCC3-XFR4 Improper line feed handling in zenml
A denial of service (DoS) vulnerability exists in zenml-io/zenml version 0.56.3 due to improper handling of line feed (\n) characters in component names. When a low-privileged user adds a component through the API endpoint api/v1/workspaces/default/components with a name containing a \n character, it...
CVE-2024-4460
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...