RHSA-2021:2104 Red Hat Security Advisory: rh-ruby25-ruby security, bug fix, and enhancement update

Bulletin has no description...

RHSA-2021:1184 Red Hat Security Advisory: RHV RHEL Host (ovirt-host) 4.4.z [ovirt-4.4.5] security, bug fix, enhancement

Bulletin has no description...

RHSA-2020:5325 Red Hat Security Advisory: Red Hat Ceph Storage 4.1 security and bug fix update

Bulletin has no description...

RHSA-2017:1859 Red Hat Security Advisory: golang security, bug fix, and enhancement update

Bulletin has no description...

RHSA-2016:2592 Red Hat Security Advisory: subscription-manager security, bug fix, and enhancement update

Bulletin has no description...

RHSA-2017:3392 Red Hat Security Advisory: java-1.7.0-openjdk security and bug fix update

Bulletin has no description...

RHSA-2013:1076 Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

Bulletin has no description...

RHSA-2009:1540 Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

Bulletin has no description...

RHSA-2010:0758 Red Hat Security Advisory: kernel-rt security and bug fix update

Bulletin has no description...

CVE-2024-45593 Nix affected by unsafe NAR unpacking

Nix is a package manager for Linux and other Unix systems. A bug in Nix 2.24 prior to 2.24.6 allows a substituter or malicious user to craft a NAR that, when unpacked by Nix, causes Nix to write to arbitrary file system locations to which the Nix process has access. This will be with root...

CVE-2024-44999

In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit syzbot/KMSAN reported use of uninit-value in getdevxmit 1 We must make sure the IPv4 or Ipv6 header is pulled in skb-head before accessing fields in them. Use pskbinetmaypull to fix this...

Oracle DB SQL Injection Via SYS.DBMS_METADATA.GET_GRANTED_XML

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSMETADATA.GETGRANTEDXML', 'Description' = %q This module will escalate an Oracle DB user to DBA by exploiting ...

CVE-2024-34739

In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible escape from SUW due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

Exploit for Deserialization of Untrusted Data in Clear Clearml

Clearml-CVE-2024-24590 CVE-2024-24590 is a vulnerability that...

CVE-2024-39844

In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK...

Exploit for Unrestricted Upload of File with Dangerous Type in Likeshop

Badges !MIT Licensehttps://img.shields.io/badge/Licens...

GHSA-V994-F8VW-G7J4 `docker cp` allows unexpected chmod of host files in Moby Docker Engine

Impact A bug was found in Moby Docker Engine where attempting to copy files using docker cp into a specially-crafted container can result in Unix file permission changes for existing files in the host’s filesystem, widening access to others. This bug does not directly allow files to be read,...

`docker cp` allows unexpected chmod of host files in Moby Docker Engine

Impact A bug was found in Moby Docker Engine where attempting to copy files using docker cp into a specially-crafted container can result in Unix file permission changes for existing files in the host’s filesystem, widening access to others. This bug does not directly allow files to be read,...

Exploit for Path Traversal in Oracle Weblogic_Server

Badges !MIT Licensehttps://img.shields.io/badge/Licens...

Exploit for Missing Authorization in Myeventon Eventon

Badges !MIT Licensehttps://img.shields.io/badge/Licens...