30465 matches found
Photon OS 3.0: Sqlite PHSA-2020-3.0-0049
An update of the sqlite package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0049. The text itself is copyright (C) VMware, Inc. ...
Photon OS 5.0: Httpd PHSA-2024-5.0-0242
An update of the httpd package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0242. The text itself is copyright (C) VMware, Inc. ...
Security Bulletin: IBM InfoSphere Information Server is affected by an information disclosure vulnerability (CVE-2024-37533)
Summary: An information disclosure vulnerability in InfoSphere Information Server was addressed. Vulnerability Details: CVEID: CVE-2024-37533. DESCRIPTION: IBM InfoSphere Information Server could disclose sensitive user information to another user with physical access to the machine. CVSS Base score:...
CVE-2020-24347 affecting package nginx for versions less than 1.25.4-1
CVE-2020-24347 affecting package nginx for versions less than 1.25.4-1. A patched version of the package is available...
CVE-2017-18214 affecting package ntopng for versions less than 5.2.1-4
CVE-2017-18214 affecting package ntopng for versions less than 5.2.1-4. A patched version of the package is available...
Security Bulletin: IBM Information Governance Catalog is vulnerable to unrestricted file upload (CVE-2024-40705)
Summary: An unrestricted file upload vulnerability in Information Governance Catalog was addressed. Vulnerability Details: CVEID: CVE-2024-40705. DESCRIPTION: IBM Information Governance Catalog could allow an authenticated user to consume file space resources due to unrestricted file uploads. CVSS Ba...
CVE-2024-41663 Canarytoken "Cloned Website" Vulnerable to Stored Cross-Site Scripting
Canarytokens help track activity and actions on a network. A Cross-Site Scripting vulnerability was identified in the "Cloned Website" Canarytoken, whereby the Canarytoken's creator can attack themselves. The creator of a slow-redirect Canarytoken can insert JavaScript into the destination URL of...
CVE-2021-43565 affecting package moby-buildx for versions less than 0.7.1-20
CVE-2021-43565 affecting package moby-buildx for versions less than 0.7.1-20. A patched version of the package is available...
Unbreakable Enterprise kernel security update
4.1.12-124.87.2.2 - net/mlx5e: drop shorter ethernet frames (Manjunath Patil) [Orabug: 36660755]...
Photon OS 4.0: Logrotate PHSA-2023-4.0-0349
An update of the logrotate package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0349. The text itself is copyright (C) VMware, Inc. ...
Photon OS 4.0: Pixman PHSA-2022-4.0-0279
An update of the pixman package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0279. The text itself is copyright (C) VMware, Inc. ...
Photon OS 4.0: Linux PHSA-2024-4.0-0575
An update of the linux package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0575. The text itself is copyright (C) VMware, Inc. ...
Photon OS 4.0: Linux PHSA-2022-4.0-0195
An update of the linux package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0195. The text itself is copyright (C) VMware, Inc. ...
Photon OS 3.0: Go PHSA-2019-3.0-0023
An update of the go package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0023. The text itself is copyright (C) VMware, Inc. ...
Photon OS 4.0: Redis PHSA-2023-4.0-0328
An update of the redis package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0328. The text itself is copyright (C) VMware, Inc. ...
Photon OS 5.0: Vim PHSA-2023-5.0-0009
An update of the vim package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0009. The text itself is copyright (C) VMware, Inc. ...
Photon OS 4.0: Nghttp2 PHSA-2023-4.0-0379
An update of the nghttp2 package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0379. The text itself is copyright (C) VMware, Inc. ...
CVE-2024-20977 affecting package mysql for versions less than 8.0.36-1
CVE-2024-20977 affecting package mysql for versions less than 8.0.36-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-50230 affecting package bluez for versions less than 5.63-5
CVE-2023-50230 affecting package bluez for versions less than 5.63-5. A patched version of the package is available...
Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint
Summary: This report details a security vulnerability in Argo CD, where an unauthenticated attacker can send a specially crafted large JSON payload to the /api/webhook endpoint, causing excessive memory allocation that leads to service disruption by triggering an Out Of Memory (OOM) kill. The issue...