2279 matches found
.NET 6.0 bugfix update
An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. .NET Core is a managed-software framework. It implements a subset of the .N...
.NET 7.0 security update
An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. .NET is a managed-software framework. It implements a subset of the .NET...
Cisco Firepower Management Center Software Object Group Access Control List Bypass (cisco-sa-fmc-object-bypass-fTH8tDjq)
A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense (FTD) Software. This...
Enabling Proactive Security with Continuous Threat Exposure Management (CTEM) for Managed Service Providers
...
CVE-2021-47314
In the Linux kernel, the following vulnerability has been resolved: memory: fsl_ifc: fix leak of private memory on probe failure. On probe error the driver should free the memory allocated for private structure. Fix this by using resource-managed allocation...
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Overview: Affected versions of this package are vulnerable to Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in the authentication process. An attacker can elevate privileges by exploiting race conditions during the token validation steps. This is only...
Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch
1. EXECUTIVE SUMMARY. CVSS v4 5.1. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Mitsubishi Electric. Equipment: CC-Link IE TSN Industrial Managed Switch. Vulnerability: Allocation of Resources Without Limits or Throttling. 2. RISK EVALUATION. Successful exploitation of...
Microsoft Azure SQL Managed Instance Documentation SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the permissions granted to an SAS token. An attacker can leverage this vulnerability to launch a supply-chain attac...
The vulnerability of the TIBCO Managed File Transfer Platform Server stems from deficiencies in authentication procedures. This allows attackers to circumvent security restrictions, increase their privileges, and execute arbitrary commands.
The vulnerability of the TIBCO Managed File Transfer Platform Server is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass security restrictions using the user’s identifier and password, thereby increasing their privileges and...
SUSE CVE-2024-36940
In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable(). The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freeing it in pinctrl_enable() will lead t...
CVE-2024-36940
In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable(). The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freeing it in pinctrl_enable() will lead t...
CVE-2024-36940 pinctrl: core: delete incorrect free in pinctrl_enable()
In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable(). The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freeing it in pinctrl_enable() will lead t...
TIBCO Security Advisory: May 28, 2024 - TIBCO Managed File Transfer Platform Server for Unix - CVE-2024-4407
TIBCO Managed File Transfer Platform Server for Unix and z/Linux privilege escalation vulnerability Original release date: May 28, 2024 Last revised: --- CVE-2024-4407 Source: TIBCO Software Inc. Products Affected TIBCO Managed File Transfer Platform Server for Unix versions 8.0.0, 8.0.1, 8.1.0,...
SUSE CVE-2021-47314
In the Linux kernel, the following vulnerability has been resolved: memory: fsl_ifc: fix leak of private memory on probe failure. On probe error the driver should free the memory allocated for private structure. Fix this by using resource-managed allocation...
TotalCloud Insights: Uncovering the Hidden Dangers in Google Cloud Dataproc
Summary: The Apache Hadoop Distributed File System (HDFS) can be vulnerable to data compromise when a Compute Engine cluster is in a public-facing virtual private cloud (VPC) or shares the VPC with other Compute Engine instances. Google Cloud Platform (GCP) provides a default VPC called default. This VP...
CVE-2024-20361
A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense (FTD) Software. This...
CVE-2024-20361
Cisco CVE-2024-20361 affects Firepower Management Center (FMC) Software, enabling an unauthenticated remote attacker to bypass access controls on managed Firepower Threat Defense (FTD) devices. The root cause is the incorrect deployment of the Object Groups for ACLs feature from FMC to FTD in hig...