2197 matches found

Tenable Nessus
added 2024/02/08 12:0 a.m. · 34 views

EulerOS 2.0 SP9 : libssh (EulerOS-SA-2024-1197)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

CVSS 5.9 · AI score 7.2 · EPSS 0.51662
Exploits: 4 · References: 4

FreeBSD
added 2024/02/07 12:0 a.m. · 31 views

Gitlab -- vulnerabilities

Gitlab reports: Restrict group access token creation for custom roles; Project maintainers can bypass group's scan result policy blockbranchmodification setting; ReDoS in CI/CD Pipeline Editor while verifying Pipeline syntax; Resource exhaustion using GraphQL vulnerabilitiesCountByDay...

CVSS 7.5 · AI score 7.4 · EPSS 0.02834
Exploits: 0 · References: 1

CNNVD
added 2024/02/07 12:0 a.m. · 5 views

GitLab Security Breach

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab CE/EE prior to 16.8.2, prior to...

CVSS 7.5 · AI score 6.9 · EPSS 0.02834
Exploits: 0 · References: 3

Tenable Nessus
added 2024/02/05 12:0 a.m. · 39 views

Ubuntu 16.04 ESM / 18.04 ESM : libssh vulnerabilities (USN-6592-2)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6592-2 advisory. USN-6592-1 fixed vulnerabilities in libssh. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Tenable...

CVSS 5.3 · AI score 6.4 · EPSS 0.00363
Exploits: 0 · References: 3

OpenVAS
added 2024/02/04 12:0 a.m. · 14 views

Fedora: Security Advisory for indent (FEDORA-2024-74667e499e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.5 · AI score 5.6 · EPSS 0.00055
Exploits: 0 · References: 2

OSV
added 2024/02/03 12:22 a.m. · 9 views

GHSA-7F32-HM4H-W77Q github-slug-action use of `set-env` Runner commands which are processed via stdout

Impact: This GitHub Action uses set-env runner commands which are processed via stdout, related to GHSA-mfwh-5m23-j46w. Patches: The following versions use the recommended Environment File Syntax. - 2.1.1 - 1.1.1 Workarounds: None, it is strongly suggested that you upgrade as soon as possible. For more...

AI score 7.2
Exploits: 0 · References: 2

Github Security Blog
added 2024/02/03 12:22 a.m. · 13 views

github-slug-action use of `set-env` Runner commands which are processed via stdout

Impact: This GitHub Action uses set-env runner commands which are processed via stdout, related to GHSA-mfwh-5m23-j46w. Patches: The following versions use the recommended Environment File Syntax. - 2.1.1 - 1.1.1 Workarounds: None, it is strongly suggested that you upgrade as soon as possible. For more...

AI score 7.2
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2024/02/03 12:0 a.m. · 3 views

PT-2024-40157 · Github · Github-Slug-Action

Name of the Vulnerable Software and Affected Versions: github-slug-action versions prior to 1.1.1 github-slug-action versions prior to 2.1.1 Description: The issue is related to the use of set-env runner commands processed via stdout. It is recommended to upgrade to a version that uses the...

AI score 7.3
Exploits: 0 · References: 3

OSV
added 2024/02/02 11:6 a.m. · 2 views

OESA-2024-1123 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

CVSS 4.8 · AI score 7.4 · EPSS 0.00051
Exploits: 0 · References: 2

Fedora
added 2024/02/02 2:23 a.m. · 26 views

[SECURITY] Fedora 38 Update: indent-2.2.13-5.fc38

Indent is a GNU program for beautifying C code, so that it is easier to read. Indent can also convert from one C writing style to a different one. Indent understands correct C syntax and tries to handle incorrect C syntax. Install the indent package if you are developing applications in C and you...

CVSS 5.5 · AI score 7.2 · EPSS 0.00055
Exploits: 0

BDU FSTEC
added 2024/02/02 12:0 a.m. · 2 views

The vulnerability of the Delta Industrial Automation DOPSoft software for designing human-machine interfaces lies in buffer overflows in the stack. This allows an attacker to execute arbitrary code.

The vulnerability of the Delta Industrial Automation DOPSoft software for designing human-machine interfaces is related to buffer overflows in the stack during syntax analysis of the wLogTitlesPrevValueLen field. Exploitation of this vulnerability could allow a malicious actor to execute arbitrar...

CVSS 10 · AI score 7.9 · EPSS 0.00946
Exploits: 0 · References: 2 · Affected Software: 1

OpenVAS
added 2024/02/02 12:0 a.m. · 32 views

Fedora: Security Advisory (FEDORA-2024-bfd13103eb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.5 · AI score 5.5 · EPSS 0.00055
Exploits: 0 · References: 4

BDU FSTEC
added 2024/01/31 12:0 a.m. · 1 views

The vulnerability of the Delta Industrial Automation DOPSoft software for designing human-machine interfaces lies in the copying of buffers without checking the size of the input data. This allows a malicious actor to execute arbitrary code.

The vulnerability of the Delta Industrial Automation DOPSoft software for designing human-machine interfaces lies in the copying of buffers without checking the size of input data during syntax analysis of the wKPFStringLen field. Exploiting this vulnerability allows a malicious actor to execute...

CVSS 7.5 · AI score 7.7 · EPSS 0.00064
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2024/01/31 12:0 a.m. · 2 views

The vulnerability of the Delta Industrial Automation DOPSoft software for designing human-machine interfaces lies in buffer overflows in the stack. This allows an attacker to execute arbitrary code.

The vulnerability of the Delta Industrial Automation DOPSoft software for designing human-machine interfaces is related to buffer overflows in the stack during syntax analysis of the wTitleTextLen field. Exploitation of this vulnerability could allow a malicious actor to execute arbitrary code...

CVSS 10 · AI score 7.9 · EPSS 0.00946
Exploits: 0 · References: 2 · Affected Software: 1

Tenable Nessus
added 2024/01/22 12:0 a.m. · 49 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : libssh vulnerabilities (USN-6592-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6592-1 advisory. It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possib...

CVSS 5.3 · AI score 7.1 · EPSS 0.00363
Exploits: 0 · References: 3

BDU FSTEC
added 2024/01/18 12:0 a.m. · 2 views

The vulnerability of the Packet Forwarding Engine (PFE) in Juniper Networks’ Junos operating system, which allows an attacker to trigger a service failure.

The vulnerability of the packet forwarding engine PFE in Juniper Networks’ Junos operating system is related to improper validation of syntax correctness in input data. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

CVSS 7.8 · AI score 7.2 · EPSS 0.00112
Exploits: 0 · References: 4 · Affected Software: 1

BDU FSTEC
added 2024/01/18 12:0 a.m. · 1 views

The vulnerability of the Object Flooding Protocol service in Juniper Networks’ Junos OS Evolved operating systems allows an attacker to cause a service failure.

The vulnerability of the Object Flooding Protocol OFP in Juniper Networks’ Junos OS Evolved operating systems is related to improper handling of syntactically incorrect structures. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending specially crafted TCP...

CVSS 7.8 · AI score 7.2 · EPSS 0.00187
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2024/01/18 12:0 a.m. · 1 views

The vulnerability of the Packet Forwarding Engine (PFE) module in JunOS operating systems for MX and SRX routers allows a hacker to cause a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in JunOS operating systems for MX and SRX series routers is related to errors in syntax validation during the processing of SIP packets. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVSS 7.8 · AI score 7.2 · EPSS 0.00206
Exploits: 0 · References: 2 · Affected Software: 1

OSV
added 2024/01/12 11:6 a.m. · 2 views

OESA-2024-1044 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

CVSS 5.3 · AI score 7.4 · EPSS 0.00363
Exploits: 0 · References: 3

OSV
added 2024/01/12 11:6 a.m. · 2 views

OESA-2024-1040 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

CVSS 5.3 · AI score 7.4 · EPSS 0.00363
Exploits: 0 · References: 3