257 matches found
Mageia: Security Advisory (MGASA-2022-0294)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: skopeo-1.9.0-4.fc36
Command line utility to inspect images and repositories directly on Docker registries without the need to pull them...
Malformed CAR panics and excessive memory usage
Impact Versions impacted = [email protected] = [email protected] Description of user-facing changes...
container-tools:rhel8 bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fixes: Udica crashes when processing inspect file without capabilities BZ2077472...
ALBA-2022:2141 container-tools:rhel8 bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fixes: Udica crashes when processing inspect file without capabilities BZ2077472...
[SECURITY] Fedora 36 Update: skopeo-1.7.0-1.fc36
Command line utility to inspect images and repositories directly on Docker registries without the need to pull them...
Bazaar Web PHP Social Listings Shell Upload Vulnerability
-- Exploit Title: Bazaar Web PHP Social Listings Arbitrary File Upload Exploit Author: Sohel Yousef - email protected Software Link: https://codecanyon.net/item/bazaar-social-listing-shopping-web-php-template/23207913 Software Demo :https://xserver.app/apps/bazaar-web/index.php Category: webapps ...
Access Control Bypass
keepalived is vulberable to access control bypass. The vulnerability exists due to the lack of sanitization of the message destination, allowing any user to inspect and manipulate any property...
CVE-2019-5640
Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the inspect element browser feature to remove the login panel and view the details available in the last webpage visited by previous...
Design/Logic Flaw
Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the inspect element browser feature to remove the login panel and view the details available in the last webpage visited by previous...
PT-2021-9120 · Rapid7 · Rapid7 Nexpose
Name of the Vulnerable Software and Affected Versions: Rapid7 Nexpose versions prior to 6.6.114 Description: The issue allows an attacker to expose information when a user's session has ended due to inactivity. By using the inspect element browser feature, an attacker can remove the login panel a...
SUSE: Security Advisory (SUSE-SU-2021:1108-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
nodejs: DNS rebinding in --inspect
A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...
nodejs: DNS rebinding in --inspect
A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...
nodejs: DNS rebinding in --inspect
A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...
CentOS 8 : nodejs:10 (CESA-2021:0735)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:0735 advisory. - nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion CVE-2021-22883 - nodejs: DNS rebinding in --inspect CVE-2021-22884 Note that Nessus...
nodejs: DNS rebinding in --inspect
A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...
nodejs: DNS rebinding in --inspect
A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...
CentOS 8 : nodejs:14 (CESA-2021:0744)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:0744 advisory. - nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion CVE-2021-22883 - nodejs: DNS rebinding in --inspect CVE-2021-22884 Note that Nessus...
Security update for nodejs10 (important)
openSUSE Security Update: Security update for nodejs10 Announcement ID: openSUSE-SU-2021:0372-1 Rating: important References: 1182333 1182619 1182620 Cross-References: CVE-2021-22883 CVE-2021-22884 CVE-2021-23840 CVSS scores: CVE-2021-22883 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...