29 matches found
[SECURITY] Fedora 43 Update: pyp2spec-0.14.1-1.fc43
pyp2spec is a tech preview. It is a tool generating Fedora RPM spec files for Python distributions. It utilizes the benefits of pyproject-rpm-macros...
[SECURITY] Fedora 42 Update: pyp2spec-0.14.1-1.fc42
pyp2spec is a tech preview. It is a tool generating Fedora RPM spec files for Python distributions. It utilizes the benefits of pyproject-rpm-macros...
CVE-2021-31414
The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration...
SUSE-SU-2026:0043-1 Security update for qemu
This update for qemu fixes the following issues: Security issues fixed: - CVE-2023-1544: out-of-bounds read in VMWare's paravirtual RDMA device operations can be exploited through a malicious guest driver to crash the QEMU process on the host bsc1209554. - CVE-2024-6505: heap-based buffer overflo...
EUVD-2017-18210
Malware in sbrugna...
EUVD-2021-18314
Malware in sbrugna...
Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager
Tippa My Tongue Tippa My Tongue is an exploit that uses CVE-2...
Fedora 37 : netconsd (2023-88629e9585)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-88629e9585 advisory. Update to 0.2 to address CVE-2023-28753; Fixes: RHBZ2181655 Tenable has extracted the preceding description block directly from the Fedora security advisory...
F5 BIG-IP iControl Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BIG-IP iControl Authenticated RCE via RPM Creator', 'Description' = %q This module exploits a newline injection into an RPM .rpmspec file that...
CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures
Rapid7 discovered several vulnerabilities and exposures in F5 BIG-IP and BIG-IQ devices running a customized distribution of CentOS detailed in F5's Base Operating Systems support article. The affected products are detailed in the vendor advisories below: CVE-2022-41622: BIG-IP and BIG-IQ are...
glibc security update
2.28-151.0.1.el84 - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag ...
CVE-2021-31414
The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration...
CVE-2021-31414
The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration...
CVE-2021-31414
CVE-2021-31414 affects the vscode-rpm-spec extension for Visual Studio Code (pre-0.3.2). The vulnerability enables remote code execution via a crafted workspace configuration. Multiple connected sources (NVD, Red Hat, OSV, CVE lists) confirm the issue and its impact, but detailed fix information ...
CVE-2017-9274
A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...
DEBIAN-CVE-2017-9274
A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...
CVE-2017-9274
A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...
Command injection
A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...
UBUNTU-CVE-2017-9274
A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...
CVE-2017-9274
A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...