4399 matches found
Fedora 37 : python3-docs / python3.11 (2022-dbb811d203)
The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-dbb811d203 advisory. Update to 3.11.1. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
CVE-2024-21850
creationtimestamp | type | source
---|---|---
2024-11-13 20:39:17+00:00 | seen | https://infosec.exchange/users/cve/statuses/113477573493850683...
CVE-2024-51996
Symfony Process is a module for the Symfony PHP framework which executes commands in sub-processes. When consuming a persisted remember-me cookie, Symfony does not check if the username persisted in the database matches the username attached with the cookie, leading to authentication bypass. Th...
CVE-2024-50313
creationtimestamp | type | source
---|---|---
2024-11-12 14:06:59+00:00 | seen | https://infosec.exchange/users/cve/statuses/113470368581389996
2024-11-12 14:41:39+00:00 | seen | https://t.me/cvedetector/10605
2024-11-14 12:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-...
GO-2024-3250 Improper error handling in ParseWithClaims and bad documentation may cause dangerous situations in github.com/golang-jwt/jwt
Improper error handling in ParseWithClaims and bad documentation may cause dangerous situations in github.com/golang-jwt/jwt...
kernel: PM / devfreq: Fix buffer overflow in trans_stat_show
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in trans_stat_show. Fix buffer overflow in trans_stat_show. Convert simple snprintf to the more secure scnprintf with size of PAGE_SIZE. Add condition checking if we are exceeding PAGE_SIZE and exit ear...
ALSA-2024:9190 Moderate: python3.12 security update
Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...
CVE-2024-50230
creationtimestamp | type | source
---|---|---
2024-11-09 11:19:35+00:00 | seen | https://infosec.exchange/users/cve/statuses/113452723368145362...
Security update for python311
This update for python311 fixes the following issues: CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment (bsc#1232241). Bug fixes: Drop .pyc files from docdir for reproducible builds (bsc#1230906). Patch Instructions: To install this SUSE update use the SUSE recommended...
CVE-2024-10668
creationtimestamp | type | source
---|---|---
2024-11-07 15:29:53+00:00 | seen | https://infosec.exchange/users/cve/statuses/113442382992604234
2024-11-07 17:46:20+00:00 | seen | https://t.me/cvedetector/10097
2025-04-03 06:21:00+00:00 | seen | ...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.53 packages and security update
Red Hat OpenShift Container Platform release 4.13.53 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...
GHSA-HXF5-99XG-86HW cap-std doesn't fully sandbox all the Windows device filenames
Impact cap-std's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits, such as "COM¹", "COM²", "LPT⁰", "LPT¹", and so o...
CLSA-2024-1730801437 openssl: Fix of CVE-2024-5535
CVE-2024-5535: Validate provided client list in ssl/ssl_lib.c. Clarify SSL_select_next_proto documentation...
New Teams Deployment Guidance for App Layering or User Personalization Layer (UPL)
Microsoft Teams 2.x has changed its installation method and now installs under C:\Program Files\WindowsApps. Based on those changes, this article provides the specific steps for the deployment of Teams 2.x in an App Layering (AL) or User Personalization Layer (UPL) environment. For the most current...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.3 security update
Red Hat OpenShift Container Platform release 4.17.3 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...
CVE-2024-44144
creationtimestamp | type | source
---|---|---
2024-10-28 21:39:15+00:00 | seen | None...
[SECURITY] Fedora 41 Update: libdigidocpp-4.0.0-1.fc41
Libdigidocpp library offers creating, signing and verification of digitally signed documents, according to XAdES and XML-DSIG standards. Documentation http://open-eid.github.io/libdigidocpp...
Metasploit Weekly Wrap-Up 10/25/2024
Hackers and Vampires Agree: Every Byte Counts Headlining the release today is a new exploit module by jheysel-r7 that chains two vulnerabilities to target Magento/Adobe Commerce systems: the first, CVE-2024-34102 is an arbitrary file read used to determine the version and layout of the glibc...
NuGet Package 'Betalgo.OpenAI' Detection
A 'Betalgo.OpenAI' package with a Verified NuGet package status is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
UBUNTU-CVE-2024-46478
HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function, ps-pdf.cxx:5681...