13 matches found
Security update for kubernetes1.18
This update of kubernetes1.18 fixes the following issues: This update was retracted due to non-working kubectl. CVE-2025-22872: Fixed golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed in the wrong scope during DOM construction (bsc#1241865) rebuild the package with the...
Security update for rsync
This update for rsync fixes the following issues: NOTE: This update was retracted as one of the fixes was broken. A new update will be issued. CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass (bsc#1234101). CVE-2024-12086: leak of a client machine's file...
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3683-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
SUSE: Security Advisory (SUSE-SU-2023:4287-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Severe Security Flaw Found in "jsonwebtoken" Library Used by 22,000+ Projects
UPDATE: CVE-2022-23529 Retracted Following Review. Auth0 and Unit 42 said they are formally retracting CVE-2022-23529 (CVSS score: 7.6) based on the fact that several prerequisites are essential for exploitation. The cybersecurity company said "important security checks" have been added to fix the...
CVE-2022-45046
This flaw targets the camel-ldap package. According to the maintainers, this CVE should be retracted soon. Mitigation: Maintainers have added a documentation detail regarding LDAP Injection in Camel LDAP component. Please check the link for more information...
openSUSE: Security Advisory for cpio (openSUSE-SU-2021:2689-1)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for cpio (important)
openSUSE Security Update: Security update for cpio Announcement ID: openSUSE-SU-2021:2689-1 Rating: important References: 1189206 Cross-References: CVE-2021-38185 CVSS scores: CVE-2021-38185 SUSE: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 An update tha...
Command Injection
Amendment: This was deemed not a vulnerability. Overview: Affected versions of this package are vulnerable to Command Injection via the lib/utils.js file, which is required by main entry of the package. Note: CVE-2020-28432 has been retracted because it was found to be invalid. Further investigatio...
RETRACTED
...
CVE-2011-5042
Cross-site scripting (XSS) vulnerability in inc/lib/lib.base.php in SASHA 0.2.0 allows remote attackers to inject arbitrary web script or HTML via the instructors parameter. NOTE: the original disclosure also mentions the sectiontitle parameter, but this was disputed by the vendor and retracted by...
CVE-2007-2056
Rejected reason: The getlock function in aimage/aimage.cpp in AFFLIB 2.2.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary lock files, aka "time-of-check-time-of-use file race". NOTE: the researcher has retracted the original advisory, stating that "th...
PT-2006-4244 · Mozilla · Firefox
Name of the Vulnerable Software and Affected Versions: No vulnerable software versions are specified, as the reported issue was retracted and disputed. Description: A reported cross-domain issue in Mozilla Firefox was claimed to allow remote attackers to access restricted information from other...