907404 matches found
RHSA-2023:7077 Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Bulletin has no description...
GO-2023-1940 1Panel command injection vulnerability in Firewall ip functionality in github.com/1Panel-dev/1Panel
1Panel command injection vulnerability in Firewall ip functionality in github.com/1Panel-dev/1Panel...
GO-2024-2989 projectdiscovery/nuclei allows unsigned code template execution through workflows in github.com/projectdiscovery/nuclei
projectdiscovery/nuclei allows unsigned code template execution through workflows in github.com/projectdiscovery/nuclei...
SUSE-SU-2024:2360-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47103: net: sock: preserve kabi for sock bsc1221010. - CVE-2021-47191: Fix out-of-bound read in respreadcap16 bsc1222866. - CVE-2021-47267: usb: fix...
RLSA-2024:3618 Moderate: kernel update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation CVE-2023-6240 kernel: Information disclosure in vhost/vhost.c:vhostnewmsg CVE-2024-0340 kernel: untrusted VMM can...
CVE-2024-4577
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may...
GO-2024-2875 Wiki.js Stored XSS through Client Side Template Injection in github.com/requarks/wiki
Wiki.js Stored XSS through Client Side Template Injection in github.com/requarks/wiki...
GHSA-X3WM-HFFR-CHWM Amazon JDBC Driver for Redshift SQL Injection via line comment generation
Impact SQL injection is possible when using the non-default connection property preferQueryMode=simple in combination with application code which has a vulnerable SQL that negates a parameter value. There is no vulnerability in the driver when using the default, extended query mode. Note that...
ALSA-2024:2551 Important: bind security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
CVE-2024-31446 OpenComputers Denial of Service using xpcall
OpenComputers is a Minecraft mod that adds programmable computers and robots to the game. A user can use OpenComputers to get a Computer thread stuck in the Lua VM, which eventually blocks the Server thread, requiring the server to be forcibly shut down. This can be accomplished using any device ...
ALSA-2024:1687 Important: nodejs:20 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTT...
GHSA-V8VJ-CV27-HJV8 LangChain Experimental vulnerable to arbitrary code execution
langchainexperimental aka LangChain Experimental before 0.0.52, part of LangChain before 0.1.8, allows an attacker to bypass the CVE-2023-44467 fix and execute arbitrary code via the import, subclasses, builtins, globals, getattribute, bases, mro, or base attribute in Python code. These are not...
CVE-2023-38545
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...
ALSA-2023:5863 Moderate: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-39325 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS...
RSEC-2023-6 Denial of Service (DoS) vulnerability
The commonmark package, specifically in its dependency on GitHub Flavored Markdown before version 0.29.0.gfm.1, has a vulnerability related to time complexity. Parsing certain crafted markdown tables can take On n time, leading to potential Denial of Service attacks. This issue does not affect th...
CVE-2023-39523 ScanCode.io command injection in docker image fetch process
ScanCode.io is a server to script and automate software composition analysis with ScanPipe pipelines. Prior to version 32.5.1, the software has a possible command injection vulnerability in the docker fetch process as it allows to append malicious commands in the dockerreference parameter. In the...
ALSA-2023:4419 Important: openssh security update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Remote code execution in ssh-agent PKCS11 support CVE-2023-38408 For more details...
DLA-3469-1 lua5.3 - security update
Bulletin has no description...
ALSA-2023:2758 Moderate: container-tools:rhel8 security, bug fix, and enhancement update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: go/parser: stack exhaustion in all Parse functions CVE-2022-1962 golang:...
DSA-5372-1 rails - security update
Bulletin has no description...
ALSA-2023:0318 Moderate: postgresql-jdbc security update
PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: postgresql: SQL Injection in ResultSet.refreshRow with malicious column names CVE-2022-31197 For mo...
CVE-2022-47629
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser...
DLA-3236-1 openexr - security update
Bulletin has no description...
DSA-5272-1 xen - security update
Bulletin has no description...
PYSEC-2022-270
indy-node is the server portion of Hyperledger Indy, a distributed ledger purpose-built for decentralized identity. In vulnerable versions of indy-node, an attacker can max out the number of client connections allowed by the ledger, leaving the ledger unable to be used for its intended purpose...
DSA-5205-1 samba - security update
Bulletin has no description...
DSA-5188-1 openjdk-11 - security update
Bulletin has no description...
CVE-2022-2056
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010...
GSD-2022-1001906 ext4: make mb_optimize_scan performance mount option work with extents
ext4: make mboptimizescan performance mount option work with extents This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.33 by commit...
CVE-2022-24822 Denial of Service in @podium/layout and @podium/proxy
Podium is a library for building micro frontends. @podium/layout is a module for building a Podium layout server, and @podium/proxy is a module for proxying HTTP requests from a layout server to a podlet server. In @podium/layout prior to version 4.6.110 and @podium/proxy prior to version 4.2.74,...
GHSA-XGXP-9X8P-GCW4 SQL Injection
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest...
DLA-2907-1 apache2 - security update
Bulletin has no description...
PYSEC-2021-855
Incomplete string comparison in the numpy.core component in NumPy1.9.x, which allows attackers to fail the APIs via constructing specific string objects...
DSA-4982-1 apache2 - security update
Bulletin has no description...
GHSA-CCW8-7688-VQX4 HashiCorp Consul Privilege Escalation Vulnerability
HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2...
CVE-2020-15180
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and...
CVE-2021-29447
Wordpress is an open source CMS. A user with the ability to upload files like an Author can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has...
GHSA-4QWP-7C67-JMCC Unauthenticated remote code execution in Ignition
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of filegetcontents and fileputcontents. This is exploitable on sites using debug mode with Laravel before 8.4.2...
DSA-4824-1 chromium - security update
Bulletin has no description...
CVE-2020-35913
An issue was discovered in the lockapi crate before 0.4.2 for Rust. A data race can occur because of RwLockReadGuard unsoundness...
CVE-2020-35912
An issue was discovered in the lockapi crate before 0.4.2 for Rust. A data race can occur because of MappedRwLockWriteGuard unsoundness...
RLSA-2020:4751 Moderate: httpd:2.4 security, bug fix, and enhancement update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: modhttp2 1.15.7. BZ1814236 Security Fixes: httpd: memory corruption on early pushes CVE-2019-10081 httpd: read-after-free in ...
DSA-4774-1 linux - security update
Bulletin has no description...
ASB-A-150693748
In lockswakeupblocks of locks.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-135368228
In i915gemexecbuffer2ioctl of i915gemexecbuffer.c, there is a possible arbitrary kernel memory write due to a missing validation of a userspace pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
DLA-1883-1 tomcat8 - security update
Bulletin has no description...
DLA-1878-1 php5 - security update
Bulletin has no description...
PYSEC-2019-194
An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested t...
DSA-4410-1 openjdk-8 - security update
Bulletin has no description...
DSA-4384-1 libgd2 - security update
Bulletin has no description...