ansible-freeipa bug fix and enhancement update
An update is available for ansible-freeipa. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The ansible-freeipa package provides Ansible roles and playbooks to...
Introducing Spring Modulith
When designing software systems, architects and developers have plenty of architectural options to choose from. Microservice-based systems have become ubiquitous in the last couple of years. However, the idea of monolithic, modular systems has also regained popularity recently. Independent of the...
GHSA-WHPX-Q3RQ-W8JC Hardening of TypedArrays with non-canonical numeric property names in SES
Impact: What kind of vulnerability is it? Who is impacted? In Hardened JavaScript, programs can harden objects to safely share objects with co-tenant programs without risk of these other programs tampering with their API surface. Hardening does not guarantee that objects are pure or immutable, so ...
Dell Container Storage Modules Operating System Command Injection Vulnerability
Dell Container Storage Modules are a set of modules from Dell, Inc. They are designed to provide additional functionality beyond what is available in container storage. An operating system command injection vulnerability exists in Dell Container Storage Modules versions 1.3.0 and later, prior to...
DRUPAL-CONTRIB-2022-058
This module enables themers to get partial data from field render arrays. It gives them more control over the output without drilling deep into the render array or using preprocess functions. The module doesn't sufficiently apply access restrictions when using the filters field_label, field_value...
CVE-2022-34427
Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. A remote unauthenticated attacker could exploit this vulnerability leading to modification of intended OS command execution...
CVE-2022-34426
Dell Container Storage Modules 1.2 contains an Improper Limitation of a Pathname to a Restricted Directory in goiscsi and gobrick libraries which could lead to OS command injection. A remote unauthenticated attacker could exploit this vulnerability leading to unintentional access to path outside ...
Command injection
Dell Container Storage Modules 1.2 contains an Improper Limitation of a Pathname to a Restricted Directory in goiscsi and gobrick libraries which could lead to OS command injection. A remote unauthenticated attacker could exploit this vulnerability leading to unintentional access to path outside ...
CVE-2022-34427
CVE-2022-34427 affects Dell Container Storage Modules 1.2, with an OS command injection in the goiscsi and gobrick libraries. The root cause is a vulnerability that allows a remote unauthenticated attacker to modify intended OS commands, potentially leading to arbitrary command execution. Public ...
CVE-2022-34426
Dell Container Storage Modules 1.2 is affected by CVE-2022-34426 due to an Improper Limitation of a Pathname to a Restricted Directory in the goiscsi and gobrick libraries, which could allow a remote unauthenticated attacker to perform OS command injection and obtain unintended access to paths ou...
Dell Container Storage Modules Operating System Command Injection Vulnerability
Dell Container Storage Modules are a set of modules from Dell, Inc. They are designed to provide additional functionality beyond what is available in container storage. An operating system command injection vulnerability exists in Dell Container Storage Modules versions 1.3.0 and later, prior to...
Dell Container Storage Modules Path Traversal Vulnerability
Dell Container Storage Modules are a set of modules from Dell, Inc. They are designed to provide additional functionality beyond what is available in container storage. A security vulnerability exists in Dell Container Storage Modules version 1.2, which stems from an improper restriction on the...
A use-after-free vulnerability in the web page rendering modules of WebKitGTK and WPE WebKit allows attackers to execute arbitrary code or cause service interruptions.
A vulnerability in the web page rendering modules of WebKitGTK and WPE WebKit involves the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause a service failure by using a specially crafted website...
OPENSUSE-SU-2022:10132-1 Security update for lighttpd
This update for lighttpd fixes the following issues: lighttpd was updated to 1.4.66: a number of bug fixes; Fix HTTP/2 downloads >= 4GiB; Fix SIGUSR1 graceful restart with TLS; further bug fixes; CVE-2022-37797: null pointer dereference in mod_wstunnel, possibly a remotely triggerable crash (boo#1203358); I...
Number Withdrawn
Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. This CVE number has been withdrawn...
CVE-2022-38335
Vtiger CRM v7.4.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the e-mail template modules...