4422 matches found
SharpSCCM - A C# Utility For Interacting With SCCM
SharpSCCM is a post-exploitation tool designed to leverage Microsoft Endpoint Configuration Manager a.k.a. ConfigMgr, formerly SCCM for lateral movement and credential gathering without requiring access to the SCCM administration console GUI. SharpSCCM was initially created to execute user huntin...
[SECURITY] Fedora 36 Update: varnish-7.0.3-2.fc36
This is Varnish Cache, a high-performance HTTP accelerator. Varnish Cache stores web pages in memory so web servers don=EF=BF=BD=EF=BF=BD =EF=BF=BDt have to create the same web page over and over again. Varnish Cache serves pages much faster than any application server; giving the website a...
[SECURITY] Fedora 37 Update: varnish-7.1.2-1.fc37
This is Varnish Cache, a high-performance HTTP accelerator. Varnish Cache stores web pages in memory so web servers don=EF=BF=BD=EF=BF=BD =EF=BF=BDt have to create the same web page over and over again. Varnish Cache serves pages much faster than any application server; giving the website a...
CVE-2022-36449
creationtimestamp| type| source ---|---|--- 2022-11-22 21:05:00+00:00| seen| https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html 2022-11-24 12:08:24+00:00| published-proof-of-concept| https://t.me/truesecator/3742 2023-06-12 00:58:47+00:00| published-proof-of-concept|...
virt-v2v security, bug fix, and enhancement update
2.0.7-6.0.1 - Replaced bugzilla.oracle.com references Orabug: 34202300 - replaced upstream references Orabug:34089586 1:2.0.7-6 - Install qemu-ga package during conversion resolves: rhbz2028764 1:2.0.7-5 - Remove LVM2 devices file during conversion resolves: rhbz2112801 - Add support for Zstandar...
SUSE: Security Advisory (SUSE-SU-2022:4071-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:4071-1 Security update for python39
This update for python39 fixes the following issues: Security fixes: - CVE-2022-42919: Fixed local privilege escalation via the multiprocessing forkserver start method bsc1204886. - CVE-2022-45061: Fixed a quadratic IDNA decoding time bsc1205244. Other fixes: - Allow building of documentation wit...
SUSE-SU-2022:4004-1 Security update for python310
This update for python310 fixes the following issues: Security fixes: - CVE-2022-42919: Fixed local privilege escalation via the multiprocessing forkserver start method bsc1204886. - CVE-2022-45061: Fixed a quadratic IDNA decoding time bsc1205244. Other fixes: - allow building of documentation wi...
SUSE-SU-2022:3999-1 Security update for systemd
This update for systemd fixes the following issues: - CVE-2022-3821: Fixed buffer overrun in formattimespan function bsc1204968. - Import commit 0cd50eedcc0692c1f907b24424215f8db7d3b428 0469b9f2bc pstore: do not try to load all known pstore modules ad05f54439 pstore: Run after modules are loaded...
containers-common bug fix and enhancement update
An update is available for containers-common. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The containers-common package contains common configuration files a...
The function _execute could be called externally
Lines of code Vulnerability details Author: rotcivegaf Impact The execute use a modifier to only can called internally, also specified in the documentation of the function: Must be called internally. But this modifier can be pass if a contract call the execute or bulkExecute and in the returnDust...
Initialization function can be front-run
Lines of code Vulnerability details Detailed description of the impact of this finding: Exchange.sol has initialization function that can be front-run, allowing an attacker to incorrectly initialize the contract. Due to the use of the delegatecall proxy pattern, Exchange.sol cannot be initialized...
Fedora: Security Advisory for python3-docs (FEDORA-2022-362bd01539)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands that use the JDBC connector may be vulnerable to denial of service due to CVE-2022-25647
Summary Google Gson is used by IBM App Connect Enterprise Certified Container in the JDBC connector. IBM App Connect Enterprise Certified Container IntegrationServer operands that use the JDBC connector may be vulnerable to denial of service. This bulletin provides patch information to address th...
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution due to CVE-2022-1292
Summary OpenSSL is used by IBM App Connect Enterprise Certified Container for processing certificates. IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution. This bulletin provides patch information to address the reported vulnerability CVE-2022-129...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to loss of confidentiality due to CVE-2022-28615
Summary Apache HTTP Server is used by IBM App Connect Enterprise Certified Container for Mapping Assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to loss of confidentiality. This bulletin provides patch information...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to denial of service due to CVE-2020-13950
Summary Apache HTTP Server is used by IBM App Connect Enterprise Certified Container for Mapping Assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to denial of service. This bulletin provides patch information to...
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service due to CVE-2022-29824
Summary GNOME libxml2 is not used directly by IBM App Connect Enterprise Certified Container but is present in the operand images as part of the base operating system. Use of libxml2 within IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution and...
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution due to CVE-2022-1586
Summary PCRE2 is provided as part of the base operating system in IBM App Connect Enterprise Certified Container operands. IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution. This bulletin provides patch information to address the reported...
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality due to CVE-2022-0235
Summary Node.js module node-fetch is used by IBM App Connect Enterprise Certified Container for HTTP communications. IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported vulnerability...