2734 matches found
UBUNTU-CVE-2023-30581
The use of `__proto__` in `process.mainModule.__proto__.require` can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18, and v20. Please note that at the time...
samba: "rpcecho" development server allows denial of service via sleep() call on AD DC
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
DrayTek Vigor2960 Path Traversal Vulnerability
DrayTek Vigor2960 is a dual WAN broadband router/VPN gateway from China's DrayTek. A path traversal vulnerability exists in the DrayTek Vigor2960 v1.5.1.4, v1.5.1.5 versions, which stems from a vulnerable directory traversal attack on the option parameter in the mainfunction.cgi dumpSyslog,...
PT-2024-19522 · D Link · D-Link Dir-815
Name of the Vulnerable Software and Affected Versions: D-Link DIR-815 router firmware version 1.04 Description: There is a command injection issue in the ssdpcgi main function of the cgibin binary. This affects the D-Link DIR-815 router firmware. Recommendations: For D-Link DIR-815 router firmwar...
RUSTSEC-2023-0121 `libusb1-main` was removed from crates.io for malicious code
This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...
`lfest-main` was removed from crates.io for malicious code
This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...
RUSTSEC-2023-0106 `lfest-main` was removed from crates.io for malicious code
This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...
SUSE CVE-2023-42814
Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerable component is Kyverno's Notary verifier. An attacker would need control over the registry from which Kyverno would fetch...
SUSE CVE-2023-42815
Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyverno's Notary verifier. An attacker would need control over the registry from which Kyverno would fetch...
SUSE CVE-2023-42813
Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerable component is Kyverno's Notary verifier. An attacker would need control over the registry from which Kyverno would fetch...
SUSE CVE-2023-42816
Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyverno's Notary verifier. An attacker would need control over the registry from which Kyverno would fetch...
PT-2023-28603 · Kyverno · Kyverno
Name of the Vulnerable Software and Affected Versions: Kyverno versions 1.11.0 and later, built from the main branch Description: A security issue was found in Kyverno, a policy engine for Kubernetes, where an attacker could cause a denial of service. The issue lies in Kyverno's Notary verifier. ...
PT-2023-28601 · Kyverno · Kyverno
Name of the Vulnerable Software and Affected Versions: Kyverno versions 1.11.0 and later, built from the main branch Description: A security issue was found in Kyverno, a policy engine for Kubernetes, where an attacker could cause denial of service. The vulnerable component is Kyverno's Notary...
PT-2023-28602 · Kyverno · Kyverno
Name of the Vulnerable Software and Affected Versions: Kyverno version 1.11.0 Description: A security issue was found in Kyverno, a policy engine for Kubernetes, where an attacker could cause denial of service. The issue is in Kyverno's Notary verifier. An attacker would need control over the...
PT-2023-28600 · Kyverno · Kyverno
Name of the Vulnerable Software and Affected Versions: Kyverno versions 1.11.0 and later built from the main branch Description: A security issue was found in Kyverno, a policy engine for Kubernetes, where an attacker could cause denial of service. The vulnerable component is Kyverno's Notary...
NewStart CGSL MAIN 6.06 : containerd.io Multiple Vulnerabilities (NS-SA-2023-0139)
The remote NewStart CGSL host, running version MAIN 6.06, has containerd.io packages installed that are affected by multiple vulnerabilities: - runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes...
NewStart CGSL MAIN 6.06 : dhcp Multiple Vulnerabilities (NS-SA-2023-0134)
The remote NewStart CGSL host, running version MAIN 6.06, has dhcp packages installed that are affected by multiple vulnerabilities: - In ISC DHCP 4.4.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1, when the function `option_code_hash_lookup` is called from `add_option`, it increases the option's refcou...
NewStart CGSL MAIN 6.06 : ctags Vulnerability (NS-SA-2023-0143)
The remote NewStart CGSL host, running version MAIN 6.06, has ctags packages installed that are affected by a vulnerability: - A flaw was found in Exuberant Ctags in the way it handles the -o option. This option specifies the tag filename. A crafted tag filename specified in the command line or i...
NewStart CGSL MAIN 6.06 : python3 Multiple Vulnerabilities (NS-SA-2023-0130)
The remote NewStart CGSL host, running version MAIN 6.06, has python3 packages installed that are affected by multiple vulnerabilities: - A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using `int("text")`, a system could take 50ms to parse an int...
NewStart CGSL MAIN 6.06 : libldb Vulnerability (NS-SA-2023-0133)
The remote NewStart CGSL host, running version MAIN 6.06, has libldb packages installed that are affected by a vulnerability: - A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a...