8 matches found
Exploit for OS Command Injection in Apache Spark
CVE-2022-33891 Apache Spark Shell Command Injection Vulnerabil...
CVE-2022-33891
The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to...
Debian DSA-3397-1 : wpa - security update
Several vulnerabilities have been discovered in wpasupplicant and hostapd. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-4141 Kostya Kortchinsky of the Google Security Team discovered a vulnerability in the WPS UPnP function with HTTP chunked...
FreeBSD : suricata -- TLS/DER Parser Bug (DoS) (fe910ed6-f88d-11e4-9ae3-0050562a4d7b)
OISF Development Team reports : The OISF development team is pleased to announce Suricata 2.0.8. This release fixes a number of issues in the 2.0 series. The most important issue is a bug in the DER parser which is used to decode SSL/TLS certificates could crash Suricata. This issue was reported ...
[SECURITY] [DSA 3254-1] suricata security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3254-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 09, 2015 http://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-3254-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
suricata -- TLS/DER Parser Bug (DoS)
OISF Development Team reports: The OISF development team is pleased to announce Suricata 2.0.8. This release fixes a number of issues in the 2.0 series. The most important issue is a bug in the DER parser which is used to decode SSL/TLS certificates could crash Suricata. This issue was reported b...
VMware Fixes Privilege Escalation Vulnerability
Virtualization software maker VMware issued an update last Thursday resolving a virtual machine communication interface VMCI vulnerability in its ESX Server, Workstation, Fusion and View products that could lead to a privilege escalation if unpatched. According to the VMware security advisory, a...