6648 matches found
Important: kernel-livepatch-4.14.348-265.562
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete CVE-2024-39480 Affected Packages: kernel-livepatch-4.14.348-265.562 Issue Correction: Please ensure you have live patching enabled. Run yum update...
Important: kernel-livepatch-4.14.344-262.563
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftexprtypeget CVE-2024-27020 Affected Packages: kernel-livepatch-4.14.344-262.563 Issue Correction: Please ensure you have live patching enabled. Run yum update...
GHSA-MQ69-4J5W-3QWP Capsule tenant owner with "patch namespace" permission can hijack system namespaces
Attack Vector Then, let me briefly explain the reasons for the errors mentioned above: 1. The 'kubectl edit' command was used to patch the namespace, but this operation requires both 'get' and 'patch' permissions, hence the error. One should use methods like 'curl' to directly send a PATCH reques...
CVE-2024-8003
A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected by this issue is the function InitRoutes of the file internal/app/routes/routes.go of the component Log Handler. The manipulation leads to deserialization. The patch is identified as...
sarabangel.loxblog.com Cross Site Scripting vulnerability OBB-3958400
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
jacob-company.com Cross Site Scripting vulnerability OBB-3957993
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
panelinios.gr Cross Site Scripting vulnerability OBB-3957905
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
New Windows IPv6 Zero-Click Vulnerability
The press is reporting a critical Windows vulnerability affecting IPv6. As Microsoft explained in its Tuesday advisory, unauthenticated attackers can exploit the flaw remotely in low-complexity attacks by repeatedly sending IPv6 packets that include specially crafted packets. Microsoft also share...
CVE-2024-42472 Flatpak may allow access to files outside sandbox for certain apps
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...
CVE-2024-42472
CVE-2024-42472 affects Flatpak before 1.14.0/1.15.10 and allows a malicious or compromised Flatpak app using persistent directories to access or write files outside the sandbox. The root cause is a symlink-following issue when mounting persistent (persist) directories, causing the bind mount to f...
CVE-2024-42472 Flatpak may allow access to files outside sandbox for certain apps
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...
CVE-2024-42472 Flatpak may allow access to files outside sandbox for certain apps
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...
CVE-2024-42472
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...
Exploit for Use of Password Hash With Insufficient Computational Effort in Redhat Enterprise_Linux
CVE-2024-3183-POC POC for CVE-2024-3183 FreeIPA Rosting Imp...
tesorplus.com Cross Site Scripting vulnerability OBB-3956604
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Important: kernel-livepatch-5.10.217-205.860
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete CVE-2024-39480 Affected Packages: kernel-livepatch-5.10.217-205.860 Issue Correction: Please ensure you have live patching enabled. Run yum update...
ochnik.com Cross Site Scripting vulnerability OBB-3955163
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
sf3939.bubuwan.com Cross Site Scripting vulnerability OBB-3953357
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
adec.es Cross Site Scripting vulnerability OBB-3953240
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with the way it is patched at maygoto, which should be patched differently when the offset is...