771 matches found
GSD-2022-1004116 iavf: Fix handling of dummy receive descriptors
iavf: Fix handling of dummy receive descriptors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.15 by commit...
[SECURITY] Fedora 36 Update: reposurgeon-4.32-3.fc36
Reposurgeon enables risky operations that version-control systems don't want to let you do, such as editing past comments and metadata and removing commits. It works with any version control system that can export and import git fast-import streams, including git, hg, fossil, bzr, CVS and RCS. It...
br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1), com.amcbridge:build-configurator (>=1.0.5.0 <=1.0.6.1) +92 more potentially affected by CVE-2022-36882 via org.jenkins-ci.plugins:git (>=1.2.0 <=4.0.0-rc)
org.jenkins-ci.plugins:git MAVEN version =1.2.0, =1.0.5.0, =1.1.0, =1.9.2-beta, =1.9, =4.0.9, =1.1.0, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.1.0, =1.0.0, =1.0.22, =1.0.57 and more Source cves: CVE-2022-36882 Source advisory: OSV:GHSA-8XWJ-2WGH-GPRH...
Fedora: Security Advisory for reposurgeon (FEDORA-2022-3e1ade35db)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 35 Update: reposurgeon-4.31-2.fc35
Reposurgeon enables risky operations that version-control systems don't want to let you do, such as editing past comments and metadata and removing commits. It works with any version control system that can export and import git fast-import streams, including git, hg, fossil, bzr, CVS and RCS. It...
Fedora: Security Advisory for subversion (FEDORA-2022-2af658b090)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for subversion (FEDORA-2022-13cc09ecf2)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: subversion-1.14.2-5.fc35
Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file...
[SECURITY] Fedora 36 Update: subversion-1.14.2-5.fc36
Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file...
[SECURITY] Fedora 36 Update: reposurgeon-4.32-2.fc36
Reposurgeon enables risky operations that version-control systems don't want to let you do, such as editing past comments and metadata and removing commits. It works with any version control system that can export and import git fast-import streams, including git, hg, fossil, bzr, CVS and RCS. It...
U.S. Dept Of Defense: Exposed GIT repo on ██████████[HtUS]
Vulnerability description not provided...
GSD-2022-1002661 lkdtm/bugs: Check for the NULL pointer after calling kmalloc
lkdtm/bugs: Check for the NULL pointer after calling kmalloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.4 by commit...
HPE Version Control Repository Manager Elevation of Privilege Vulnerability
HPE Version Control Repository Manager is a version control repository manager from Wise and Technology HPE. An elevation of privilege vulnerability exists in HPE Version Control Repository Manager versions prior to 7.6.14.0, which stems from an incorrectly programmed call to an advanced local...
Design/Logic Flaw
The Security Team noticed that the termination condition of the for loop in the readExternal method is a controllable variable, which, if tampered with, may lead to CPU exhaustion. As a fix, we added an upper bound and termination condition in the read and write logic. We classify it as a...
parse-url 信息泄露漏洞
parse-url is an advanced url parser with git url support. An information disclosure vulnerability exists in versions of parse-url prior to 7.0.0, which can be exploited by attackers to expose sensitive information to unauthorized participants...
CVE-2022-28619
A potential security vulnerability has been identified in the installer of HPE Version Control Repository Manager. The vulnerability could allow local escalation of privilege. HPE has made the following software update to resolve the vulnerability in HPE Version Control Repository Manager install...
CVE-2022-28619
A potential security vulnerability has been identified in the installer of HPE Version Control Repository Manager. The vulnerability could allow local escalation of privilege. HPE has made the following software update to resolve the vulnerability in HPE Version Control Repository Manager install...
CVE-2022-28619
A potential security vulnerability has been identified in the installer of HPE Version Control Repository Manager. The vulnerability could allow local escalation of privilege. HPE has made the following software update to resolve the vulnerability in HPE Version Control Repository Manager install...
CVE-2022-28619
A potential security vulnerability has been identified in the installer of HPE Version Control Repository Manager. The vulnerability could allow local escalation of privilege. HPE has made the following software update to resolve the vulnerability in HPE Version Control Repository Manager install...
CVE-2022-28619
The CVE-2022-28619 issue affects the HPE Version Control Repository Manager installer. Affected component: the VCRM installer (version 7.6.14.0 fixes the vulnerability). Root cause: an incorrectly programmed call to an advanced local procedure leads to an elevation of privilege. Impact: local esc...