4003 matches found

Fedora
added 2023/09/21 1:33 a.m., 17 views

[SECURITY] Fedora 38 Update: golang-gopkg-alecthomas-kingpin-2-2.3.2-1.fc38

Kingpin is a fluent-style, type-safe command-line parser. It supports flags, nested commands, and positional arguments...

8.8 CVSS, 7.5 AI score, 0.00185 EPSS
Exploits: 1

Fedora
added 2023/09/21 1:22 a.m., 35 views

[SECURITY] Fedora 37 Update: golang-gopkg-alecthomas-kingpin-2-2.3.2-1.fc37

Kingpin is a fluent-style, type-safe command-line parser. It supports flags, nested commands, and positional arguments...

8.8 CVSS, 7.5 AI score, 0.00185 EPSS
Exploits: 1

Fedora
added 2023/09/20 12:20 a.m., 30 views

[SECURITY] Fedora 39 Update: golang-gopkg-alecthomas-kingpin-2-2.3.2-1.fc39

Kingpin is a fluent-style, type-safe command-line parser. It supports flags, nested commands, and positional arguments...

8.8 CVSS, 7.5 AI score, 0.00185 EPSS
Exploits: 1

SUSE CVE
added 2023/09/19 1:56 a.m., 0 views

SUSE CVE-2023-41900

Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak authentication. If a Jetty OpenIdAuthenticator uses the optional nested LoginService, and that LoginService decides to revoke an already authenticated user, then the...

3.5 CVSS, 7.4 AI score, 0.00141 EPSS
Exploits: 1, References: 4

Citrix
added 2023/09/19 12:0 a.m., 7 views

How To Enable DsAuthAzureAdNestedGroups Feature For Azure AD Nested Groups

Adding a group as a member of another group (nesting) is supported with the DSAuthAzureAdNestedGroups feature enabled...

7.1 AI score
Exploits: 0

OSV
added 2023/09/15 3:15 a.m., 1 views

CVE-2022-20917

A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling ...

4.3 CVSS, 5.8 AI score, 0.00214 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2023/09/07 12:0 a.m., 29 views

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9452)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9452 advisory. - KVM: do not allow mapping valid but non-reference-counted pages Nicholas Piggin Orabug: 33054089 CVE-2021-22543 CVE-2021-22543 - Input: joydev -...

8.8 CVSS, 7.3 AI score, 0.01457 EPSS
Exploits: 8, References: 12

RedHat Linux
added 2023/09/05 6:37 p.m., 2 views

snakeyaml: Denial of Service due to missing nested depth limitation for collections

A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections...

7.5 CVSS, 6.8 AI score, 0.0292 EPSS
Exploits: 2, References: 5

Code423n4
added 2023/08/10 12:0 a.m., 6 views

If the length of owners in the safe array is too large, may experience out of gas revert

Lines of code Vulnerability details Proof of Concept Function requireSafesEquivalent in SecurityCouncilMgmtUpgradeLib.sol checks whether the addresses in the two safe arrays are the same and of the same length. If the arrays are too large, like there are many addresses that manages a gnosis safe,...

6.7 AI score
Exploits: 0

RedhatCVE
added 2023/08/08 8:35 p.m., 36 views

CVE-2023-34623

A flaw was found in jtidy when parsing untrusted HTML. If the parser is running on unsanitized user input, an attacker could craft a request that causes the parser to crash by stack overflow, resulting in a denial of service (DoS). Mitigation: This flaw can be mitigated by implementing sanitization...

7.5 CVSS, 6.6 AI score, 0.00059 EPSS
Exploits: 1, References: 3

OpenVAS
added 2023/08/08 12:0 a.m., 13 views

Debian: Security Advisory (DSA-5471-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 7.8 AI score, 0.0023 EPSS
Exploits: 1, References: 4

Broadcom
added 2023/08/08 12:0 a.m., 6 views

CVE-2020-12243 - denial of service in filter.c in slapd in OpenLDAP

In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). Products Confirmed Not Affected: No Brocade Fiber Channel product from Broadcom products is affected by this vulnerability...

7.5 CVSS, 6.9 AI score, 0.11875 EPSS
Exploits: 1

OSV
added 2023/08/03 8:6 a.m., 0 views

USN-6270-1 vim vulnerabilities

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. CVE-2022-2182 It was discovered th...

8 CVSS, 7.1 AI score, 0.00659 EPSS
Exploits: 11, References: 12

SUSE CVE
added 2023/08/03 2:10 a.m., 3 views

SUSE CVE-2021-46662

MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery...

5.5 CVSS, 7.4 AI score, 0.00065 EPSS
Exploits: 1, References: 3

RedHat Linux
added 2023/08/01 9:24 a.m., 4 views

kernel: KVM: x86/mmu: race condition in direct_page_fault()

A flaw was found in the Linux kernel in the KVM. A race condition in direct_page_fault() allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled...

5.5 CVSS, 6.7 AI score, 0.00014 EPSS
Exploits: 1, References: 4

RedHat Linux
added 2023/08/01 9:8 a.m., 2 views

kernel: KVM: x86/mmu: race condition in direct_page_fault()

A flaw was found in the Linux kernel in the KVM. A race condition in direct_page_fault() allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled...

5.5 CVSS, 6.7 AI score, 0.00014 EPSS
Exploits: 1, References: 4

CNNVD
added 2023/08/01 12:0 a.m., 2 views

underscore-keypath Security Vulnerabilities

underscore-keypath is a JavaScript library for handling keypath operations on objects. A keypath operation is the reading, setting, and manipulation of nested properties or property paths on an object specified by a string. underscore-keypath library provides a set of simple and flexible methods...

7.5 CVSS, 6.7 AI score, 0.00142 EPSS
Exploits: 0, References: 3

Veracode
added 2023/07/27 4:28 a.m., 23 views

Denial Of Service (DoS)

github.com/taosdata/TDengine is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the improper input validation of the library, which allows an attacker with the create function privilege to crash the application by providing a maliciously crafted UDF nested query...

6.5 CVSS, 6.8 AI score, 0.00259 EPSS
Exploits: 0, References: 1, Affected Software: 1

NVD
added 2023/07/25 10:15 p.m., 7 views

CVE-2023-38502

TDengine is an open source, time-series database optimized for Internet of Things devices. Prior to version 3.0.7.1, TDengine DataBase crashes on UDF nested query. This issue affects TDengine Databases which let users connect and run arbitrary queries. Version 3.0.7.1 has a patch for this issue...

6.5 CVSS, 6.5 AI score, 0.00259 EPSS
Exploits: 0, References: 1

Prion
added 2023/07/25 10:15 p.m., 19 views

Design/Logic Flaw

TDengine is an open source, time-series database optimized for Internet of Things devices. Prior to version 3.0.7.1, TDengine DataBase crashes on UDF nested query. This issue affects TDengine Databases which let users connect and run arbitrary queries. Version 3.0.7.1 has a patch for this issue...

4 CVSS, 6.5 AI score, 0.00259 EPSS
Exploits: 0, References: 1, Affected Software: 1