OPENSUSE-SU-2022:10132-1 Security update for lighttpd

This update for lighttpd fixes the following issues: lighttpd was updated to 1.4.66: a number of bug fixes Fix HTTP/2 downloads = 4GiB Fix SIGUSR1 graceful restart with TLS futher bug fixes CVE-2022-37797: null pointer dereference in modwstunnel, possibly a remotely triggerable crash boo1203358 I...

编号撤回

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. This CVE number has been withdrawn...

CVE-2022-38335

Vtiger CRM v7.4.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the e-mail template modules...

CVE-2022-38335

Vtiger CRM v7.4.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the e-mail template modules...

CVE-2022-38335

Vtiger CRM v7.4.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the e-mail template modules...

PT-2022-24373 · Vtiger · Vtiger Crm

Name of the Vulnerable Software and Affected Versions: Vtiger CRM version 7.4.0 Description: A stored cross-site scripting XSS issue was found in the e-mail template modules. This allows for malicious scripts to be stored and executed when the module is accessed. Recommendations: For Vtiger CRM...

Ubuntu 20.04 LTS : Linux kernel (Azure CVM) vulnerabilities (USN-5639-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5639-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-2401)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2022-28248 · Go · Github.Com/Mohammed90/Caddy-Ssh

Name of the Vulnerable Software and Affected Versions: No specific software or version is mentioned, however, the issue is related to PAM Pluggable Authentication Modules and its implementation in a certain project, implying that the affected software is a PAM-based authentication system, but the...

PT-2022-24832 · Arvados · Arvados

Name of the Vulnerable Software and Affected Versions: Arvados versions prior to 2.4.3 Description: The issue affects Arvados, an open source platform for managing and analyzing biomedical big data. When using Portable Authentication Modules PAM for user authentication, if a user presents valid...

CVE-2022-28321

The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pamaccess.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +182 more potentially affected by CVE-2022-35981 via tensorflow-gpu (>=1.10.1 <=2.7.0)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-35981 Source advisory: OSV:GHSA-VXV8-R8Q2-63XW...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +182 more potentially affected by CVE-2022-35979 via tensorflow-gpu (>=1.10.1 <=2.7.0)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-35979 Source advisory: OSV:GHSA-V7VW-577F-VP8X...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +182 more potentially affected by CVE-2022-35967 via tensorflow-gpu (>=1.10.1 <=2.7.0)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-35967 Source advisory: OSV:GHSA-V6H3-348G-6H5X...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +182 more potentially affected by CVE-2022-35992 via tensorflow-gpu (>=1.10.1 <=2.7.0)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-35992 Source advisory: OSV:GHSA-9V8W-XMR4-WGXP...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +182 more potentially affected by CVE-2022-35995 via tensorflow-gpu (>=1.10.1 <=2.7.0)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-35995 Source advisory: OSV:GHSA-G9H5-VR8M-X2H4...

CVE-2020-36601

Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot...

CVE-2020-36601

Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot...

Cross site scripting

Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot...

CVE-2020-36601

CVE-2020-36601 is described as an out-of-bounds write vulnerability in kernel modules that may trigger a panic reboot on successful exploitation. The available connected records reiterate the kernel-level write issue and its impact, but do not specify concrete vulnerable products, versions, explo...