11 matches found
Path traversal, lead to arbitrary file write, lead to remote code execution
Description: AnythingLLM uses the multer library to handle HTTP multipart file uploads. AnythingLLM uses the following code to handle non-ASCII file names: file.originalname = Buffer.from(file.originalname, "latin1").toString("utf8"); This way of manipulating the filename will lead to path traversal. multer...
RLSA-2022:8506 Important: Satellite 6.12 Release
Rocky Enterprise Software Foundation Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: netty-codec: Bzip2Decoder doesn't allow setting...
Scanvus – my open source Vulnerability Scanner for Linux hosts and Docker images
Hello everyone! This video was recorded for the VMconf 22 Vulnerability Management conference, vmconf.pw. I will be talking about my open source project Scanvus. This project is already a year old and I use it almost every day. Alternative video link for Russia: Scanvus Simple Credentialed...
Moderate: Red Hat Security Advisory: Satellite 6.10 Release
An update is now available for Red Hat Satellite 6.10 for RHEL 7. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: python-ecdsa...
Red Hat Satellite Licensing Issue Vulnerability
Red Hat Satellite is a systems management platform from Red Hat, Inc. The platform can be used to extend the Linux infrastructure and provide system management functions such as administration, configuration, and monitoring. A security vulnerability exists in Red Hat Satellite. No details of the...
RHEL 7 : Satellite 6.7 . (Important) (RHSA-2020:1454)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1454 advisory. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring...
Important: Red Hat Security Advisory: Satellite 6.7 release.
An update is now available for Red Hat Satellite 6.7 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Moderate: Red Hat Security Advisory: Satellite 6.5 Release
Red Hat Satellite 6.5 for RHEL 7 is now available containing security fixes, bug fixes, and enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: Red Hat Satellite Tools security update
An update is now available for Satellite Tools 6.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
A Way Forward
Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the CB Predictive Security Cloud, Carbon Black's consolidated endpoint security platform, helps enterprises cut cos...
Moderate: Red Hat Bug Fix Advisory: Red Hat Satellite 6.2 Capsule and Server
Red Hat Satellite 6.2 now available for Red Hat Enterprise Linux 6 and 7 Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, remote management and monitoring of multiple Linux deployments with a single, centralized tool. It performs...