MiracleLinux 8 : curl-7.61.1-18.el8.1 (AXSA:2021-2446:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2446:04 advisory. curl: Content not matching hash in Metalink is not being discarded CVE-2021-22922 curl: Metalink download sends credentials CVE-2021-22923 curl: Bad...

The vulnerability of the allowPassThrough method implemented in the Ivanti Avalanche mobile device management system allows a hacker to circumvent existing security restrictions.

The vulnerability of the allowPassThrough method in the Ivanti Avalanche mobile device management system is related to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions...

The vulnerability of SAP NetWeaver AS ABAP and SAP NetWeaver ABAP integration platforms lies in incorrect restrictions on path names to restricted catalogs, allowing attackers to overwrite arbitrary files.

The vulnerability of SAP NetWeaver AS ABAP and SAP NetWeaver ABAP programming integration platforms is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability allows a malicious actor to re-record arbitrary files remotely...

The vulnerability of the Moxa MXView network control software lies in its lack of functionality for checking the path name of the restricted access directory. This allows a violator to execute arbitrary code.

The vulnerability of the Moxa MXView network control software is related to deficiencies in checking the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Application Server of the IBM Planning Analytics ERP system allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the IBM Planning Analytics ERP system’s application server is related to deficiencies in the checking of path names to the restricted access catalog. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code using the TM1...

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

curl security update

An update is available for curl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The curl packages provide the libcurl library and the curl utility for downloadi...

[SECURITY] [DLA 2734-1] curl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2734-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk August 09, 2021 https://wiki.debian.org/LTS -...

The vulnerability of the Adobe InCopy text creation and editing software lies in its lack of path name checking for restricted access directories, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe InCopy text creation and editing software is related to deficiencies in checking the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the context of the current user, through a specially craft...