57 matches found
PT-2026-47223
Name of the Vulnerable Software and Affected Versions guzzlehttp/psr7 versions prior to 2.10.2 Description The library fails to reject ASCII control characters, whitespace, or DEL in first-party URI host components. When an application uses a user-controlled URL to construct a PSR-7 Uri or Reques...
PT-2026-39248
Name of the Vulnerable Software and Affected Versions free5GC BSF version 4.2.1 Description An unsynchronized write occurs on the global Subscriptions map within the BSF handler for the endpoint '/nbsf-management/v1/subscriptions/subId'. While the handler reads the map using a read-lock via the...
Moderate: Red Hat Security Advisory: RHOSP 17.1.4 (python-zipp) security update
An update for python-zipp is now available for Red Hat OpenStack Platform RHOSP 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
CVE-2024-34618
Improper access control in System property prior to SMR Aug-2024 Release 1 allows local attackers to access cell related information...
CVE-2024-34618
Improper access control in System property prior to SMR Aug-2024 Release 1 allows local attackers to access cell related information...
Important: Red Hat Security Advisory: edk2 security update
An update for edk2 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as havi...
Adversaries Leverage Social Media to Disseminate New Python-Based Stealer
Summary: A recently identified malicious campaign involves the use of WinRAR archive files with minimal detection to execute a multi-stage attack. The payload, known as Editbot, is a newly discovered Python-based stealer. Editbot is specifically designed to extract process information and data...
CVE-2023-41263
An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related information...
Information disclosure
An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related information...
CVE-2023-41263
An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related information...
New Security Vulnerability Affects Thousands of Self-Managed GitLab Instances
Researchers have disclosed details of a new security vulnerability in GitLab, an open-source DevOps software, that could potentially allow a remote, unauthenticated attacker to recover user-related information. Tracked as CVE-2021-4191 CVSS score: 5.3, the medium-severity flaw affects all version...
java-17-openjdk security update
An update for java-17-openjdk is now available for Rocky Linux 8. Rocky Linux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For mor...
GPAC Denial of Service Vulnerability (CNVD-2022-03628)
GPAC is an open source multimedia framework. gfdumpsetup function in GPAC version 1.0.1 has a denial of service vulnerability that stems from certain security-related information being missed and can be exploited by an attacker to cause a denial of service...
Privilege Escalation
jenkins is vulnerable to privilege escalation. The vulnerability exists due to an incorrect access restriction vulnerability was found in Jenkins. The directories agents are allowed to access include the directories where there are stored build-related information intended to allow agents to stor...
CVE-2021-21697
An incorrect access restriction vulnerability was found in Jenkins. The directories agents are allowed to access include the directories where there are stored build-related information intended to allow agents to store build-related metadata during build execution. As a consequence, this allows ...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0390
An update of 'libgd' packages of Photon OS has been released...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0375
An update of 'apache-tomcat' packages of Photon OS has been released...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0408
An update of 'linux', 'linux-esx' packages of Photon OS has been released...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0358
An update of 'libjpeg-turbo', 'nss', 'zookeeper' packages of Photon OS has been released...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0351
An update of 'libwebp', 'libxml2', 'mariadb' packages of Photon OS has been released...