12 matches found
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: gnutls: gnutls-3.8.12-1.1.hum1 (aarch64, x86_64); gnutls-c++-3.8.12-1.1.hum1 (aarch64, x86_64); gnutls-dane-3.8.12-1.1.hum1 (aarch64, x86_64); gnutls-devel-3.8.12-1.1.hum1 (aarch64, x86_64)...
EUVD-2022-1501
Malicious code in bioql PyPI...
CVE-2023-6803
A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a repository is being transferred. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1...
Path traversal
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This...
Improper access control
Improper access control in all versions of GitHub Enterprise Server allows unauthorized users to view private repository names via the "Get a check run" API endpoint. This vulnerability did not allow unauthorized access to any repository content besides the name. This vulnerability affected GitHu...
CVE-2023-6690
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository permissions during the transfer. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed i...
PT-2023-32741 · GitHub · GitHub Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions 3.8.0 through 3.8.11; GitHub Enterprise Server versions 3.9.0 through 3.9.6; GitHub Enterprise Server versions 3.10.0 through 3.10.3; GitHub Enterprise Server versions 3.11.0. Description: A race condition in...
PT-2023-30139 · GitHub · GitHub Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions 3.8 through 3.8.11; GitHub Enterprise Server versions 3.9 through 3.9.6; GitHub Enterprise Server versions 3.10 through 3.10.3; GitHub Enterprise Server versions 3.11 through 3.11.0. Description: An insufficient...
GitHub: Bypassing Collaborator Restrictions: Retaining Admin Access Post-Repository Transfer
A race condition was discovered in GitHub Enterprise Server that allowed an outside collaborator to be added while a repository was being transferred. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was addressed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1...
CVE-2023-25478
Cross-Site Request Forgery (CSRF) vulnerability in Jason Rouet Weather Station plugin <= 3.8.12 versions...
CVE-2011-2085
Multiple cross-site request forgery (CSRF) vulnerabilities in Best Practical Solutions RT before 3.8.12 and 4.x before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users...
[SECURITY] Fedora 16 Update: rt3-3.8.12-1.fc16
RT is an enterprise-grade ticketing system which enables a group of people to intelligently and efficiently manage tasks, issues, and requests submitted by a community of users...