org.aksw.sparqlify:sparqlify-cli (=0.8.3), org.aksw.sparqlify:sparqlify-core (=0.8.3) +2 more potentially affected by CVE-2017-12625 via org.apache.hive:hive-service (=2.3.0)

org.apache.hive:hive-service MAVEN version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive-service and may be impacted: - org.aksw.sparqlify:sparqlify-cli =0.8.3 - org.aksw.sparqlify:sparqlify-core =0.8.3 -...

Security Bulletin: IBM BladeCenter Switch Modules are affected by vulnerability in OpenSSL (CVE-2018-0732)

Summary IBM BladeCenter Switch Modules have addressed the following vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2018-0732 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server during key...

The vulnerability of the linux-astra-modules package of the Astra Linux operating system, which allows a hacker to circumvent established security policy rules

The vulnerability of the linux-astra-modules package in the Astra Linux operating system is related to an access control permission assignment error, which allows for bypassing the closed software environment by writing to /proc/$PID/mem. Exploiting this vulnerability can enable a perpetrator to...

The vulnerability of the linux-astra-modules package of the Astra Linux operating system, which allows users to compromise data integrity

The vulnerability of the linux-astra-modules package in the Astra Linux operating system is related to an access control check failure, which allows a non-privileged user to modify file integrity markers. Exploiting this vulnerability could enable a user to compromise data integrity...

The vulnerability of the linux-astra-modules package of the Astra Linux operating system allows a hacker to gain unauthorized access to data.

The vulnerability of the linux-astra-modules package in the Astra Linux operating system is related to an error that causes information leakage through the prlimit utility for reading/setting limit values. Exploiting this vulnerability can allow a perpetrator to gain unauthorized access to data...

CVE-2019-1611 Cisco FXOS and NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1611)

A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI...

CVE-2019-1615

CVE-2019-1615 concerns Cisco NX-OS Software Image Signature Verification. Affected: Nexus 3000 Series switches; Nexus 9000 Series Fabric Switches in ACI Mode; Nexus 9000 Series in Standalone NX-OS Mode; Nexus 9500 R‑Series Line Cards and Fabric Modules. Root cause: improper verification of digita...

CVE-2019-1611

A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI...

Input validation

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability is due to improper verification of digital signature...

Input validation

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker...

CVE-2019-1604

A vulnerability in the user account management interface of Cisco NX-OS Software could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to an incorrect authorization check of user accounts and their associated Group ID GID. An...

CVE-2019-1603

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to escalate lower-level privileges to the administrator level. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by authenticating to the...

CVE-2019-1600

A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file system of an affected system. The vulnerability is due to improper implementation of file system...

CVE-2019-1600 Cisco FXOS and NX-OS Software Unauthorized Directory Access Vulnerability

A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file system of an affected system. The vulnerability is due to improper implementation of file system...

CVE-2019-1600

CVE-2019-1600 concerns Cisco FXOS and NX-OS software. The vulnerability arises from improper file system permissions, allowing an authenticated, local attacker to access or modify restricted files and potentially expose sensitive data stored on the system. Affected products include Cisco FXOS/NX-...

com.hubspot.mesos.rx.java.example:mesos-rxjava-example-framework (=0.1.0), com.hubspot.mesos.rx.java:mesos-rxjava-protobuf-client (=0.1.0) +4 more potentially affected by CVE-2018-11793 via org.apache.mesos:mesos (=1.6.1)

org.apache.mesos:mesos MAVEN version =1.6.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.mesos:mesos and may be impacted: - com.hubspot.mesos.rx.java.example:mesos-rxjava-example-framework =0.1.0 -...

Xoops 1.0.2 PD-Links 1.0 Database Disclosure

Exploit Title : Xoops 1.0.2 PD-Links Modules 1.0 Krobi Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 03/03/2019 Vendor Homepage : xoops.org power-dreams.com Software Download Link : xoops.org/modules/repository/visit.php?cid=40&lid=1491...

[SECURITY] Fedora 28 Update: ansible-2.7.8-1.fc28

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

[SECURITY] Fedora 29 Update: ansible-2.7.8-1.fc29

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

Moderate: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Ansible Engine 2.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...