908720 matches found
DLA-818-1 php5 - security update
Bulletin has no description...
DLA-522-1 python2.7 - security update
Bulletin has no description...
DSA-3566-1 openssl - security update
Bulletin has no description...
DSA-3142-1 eglibc - security update
Bulletin has no description...
DEBIAN-CVE-2022-49542
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move cfglogverbose check before calling lpfcdmpdbg In an attempt to log message 0126 with LOGTRACEEVENT, the following hard lockup call trace hangs the system. Call Trace: rawspinlockirqsave+0x32/0x40...
CGA-G8R9-VV23-F4JF
Bulletin has no description...
MGASA-2024-0344 Updated kernel-linus packages fix security vulnerabilities
Vanilla upstream kernel version 6.6.58 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links...
RHSA-2024:1141 Red Hat Security Advisory: mysql security update
Bulletin has no description...
RHSA-2018:0279 Red Hat Security Advisory: rh-mariadb100-mariadb security update
Bulletin has no description...
CVE-2024-40898
SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue...
GHSA-6JJ6-GM7P-FCVV Remote Code Execution (RCE) vulnerability in geoserver
Summary Multiple OGC request parameters allow Remote Code Execution RCE by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions. Details The GeoTools library API that GeoServer calls evaluates...
CGA-C49Q-4CQQ-XWX4
Bulletin has no description...
BIT-GITLAB-2021-39890
It was possible to bypass 2FA for LDAP users and access some specific pages with Basic Authentication in GitLab 14.1.1 and above...
BIT-TOMCAT-2023-46589 Apache Tomcat: HTTP request smuggling via malformed trailer headers
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0 through 11.0.0, from 10.1.0 through 10.1.15, from 9.0.0 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to...
GO-2023-2394 Spoofed source IP address in github.com/shift72/caddy-geo-ip
The caddy-geo-ip aka GeoIP middleware for Caddy 2 allows attackers to spoof their source IP address via an X-Forwarded-For header, which may bypass a protection mechanism trustedproxy directive in reverseproxy or IP address range restrictions...
CVE-2023-2861
A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...
GHSA-62PR-QQF7-HH89 XWiki Platform vulnerable to remote code execution through the section parameter in Administration as guest
Impact XWiki doesn't properly escape the section URL parameter that is used in the code for displaying administration sections. This allows any user with read access to the document XWiki.AdminSheet by default, everyone including unauthenticated users to execute code including Groovy code. This...
GHSA-M425-MQ94-257G gRPC-Go HTTP/2 Rapid Reset vulnerability
Impact In affected releases of gRPC-Go, it is possible for an attacker to send HTTP/2 requests, cancel them, and send subsequent requests, which is valid by the HTTP/2 protocol, but would cause the gRPC-Go server to launch more concurrent method handlers than the configured maximum stream limit...
CVE-2023-38545
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...
CVE-2023-44487
The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...
RSEC-2023-7 Denial of Service (DoS) and Arbitrary Code Execution (ACE) vulnerabilities
cmark-gfm, GitHub's extended CommonMark library, has multiple vulnerabilities. Versions prior to 0.29.0.gfm.6 suffer from a polynomial time complexity issue in the autolink extension, causing denial of service. Also, versions before 0.29.0.gfm.3 and 0.28.3.gfm.21 contain an integer overflow in...
RSEC-2023-5 Infinite loop, memory leak, and heap-based buffer over-read vulnerabilities
The haven R package is exposed to multiple vulnerabilities due to issues in its underlying ReadStat library. The specific flaws include an infinite loop condition, a memory leak associated with an iconvopen call, and a heap-based buffer over-read via an unterminated string. Exploitation of these...
PYSEC-2023-179
This affects versions of the package pydash before 6.0.0. A number of pydash methods such as pydash.objects.invoke and pydash.collections.invokemap accept dotted paths Deep Path Strings to target a nested Python object, relative to the original source object. These paths can be used to target...
DLA-3555-1 php7.3 - security update
Bulletin has no description...
GHSA-V86X-5FM3-5P7J Alertmanager UI is vulnerable to stored XSS via the /api/v1/alerts endpoint
Impact An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. Patches Users can upgrade to Alertmanager v0.2.51. Workarounds Users can setup a reverse proxy in front of the...
CVE-2022-41804
Unauthorized error injection in IntelR SGX or IntelR TDX for some IntelR XeonR Processors may allow a privileged user to potentially enable escalation of privilege via local access...
ALSA-2023:4419 Important: openssh security update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Remote code execution in ssh-agent PKCS11 support CVE-2023-38408 For more details...
PYSEC-2023-113
Products.CMFCore are the key framework services for the Zope Content Management Framework CMF. The use of Python's marshal module to handle unchecked input in a public method on PortalFolder objects can lead to an unauthenticated denial of service and crash situation. The code in question is...
PYSEC-2023-90
Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering Gradio does not properly restrict file access to users. Additionally Gradio does not properly restrict the what URLs are proxied. These issues have been addressed in...
GHSA-2CCF-FFRJ-M4QW CSRF token fixation in fastify-passport
The CSRF protection enforced by the @fastify/csrf-protection library, when combined with @fastify/passport, can be bypassed by network and same-site attackers. Details fastify/csrf-protection implements the synchronizer token pattern using plugins @fastify/session and @fastify/secure-session by...
DSA-5372-1 rails - security update
Bulletin has no description...
GO-2022-1118 Improper validation of UUIDs in github.com/codenotary/immudb
A malicious server can trick a client into treating it as a different server by changing the reported UUID. immudb client SDKs use the server's UUID to distinguish between different server instance so that the client can connect to different immudb instances and keep the state for multiple server...
CVE-2022-47629
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser...
GHSA-7GPW-FRPH-FWRG TYPO3-EXT-SA-2022-018: Multiple vulnerabilities in extension "Master-Quiz" (fp_masterquiz)
An issue was discovered in the fpmasterquiz aka Master-Quiz extension before 2.2.1, and 3.x before 3.5.1, for TYPO3. An attacker can continue the quiz of a different user. In doing so, the attacker can view that user's answers and modify those answers...
DLA-3236-1 openexr - security update
Bulletin has no description...
CVE-2022-41946 TemporaryFolder on unix-like systems does not limit access to created files in pgjdbc
pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either PreparedStatement.setTextint, InputStream or PreparedStatemet.setByteaint, InputStream will create a temporary file if the InputStream is larger than 2k. This will create a temporary file which...
DSA-5272-1 xen - security update
Bulletin has no description...
PYSEC-2022-270
indy-node is the server portion of Hyperledger Indy, a distributed ledger purpose-built for decentralized identity. In vulnerable versions of indy-node, an attacker can max out the number of client connections allowed by the ledger, leaving the ledger unable to be used for its intended purpose...
DSA-5207-1 linux - security update
Bulletin has no description...
DSA-5188-1 openjdk-11 - security update
Bulletin has no description...
PYSEC-2022-207
An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. Admin credentials are not verified when using X.509 client-certificate authentication from Sync Gateway to Couchbase Server. When Sync Gateway is configured to authenticate with Couchbase Server using X.509 client certificates, t...
GHSA-7PXG-6P87-8C9V Magento 2 Community Edition RCE via Unsafe File Upload
Magento versions 2.4.0 and 2.3.5p1 and earlier are affected by an unsafe file upload vulnerability that could result in arbitrary code execution. This vulnerability could be abused by authenticated users with administrative permissions to the System/Data and Transfer/Import components...
GO-2021-0412 Incorrect authorization in github.com/containerd/imgcrypt
The imgcrypt library provides API extensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...
GHSA-X4JG-MJRX-434G Improper Verification of Cryptographic Signature in node-forge
Impact RSA PKCS1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a DigestInfo ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. Patches The issue has been...
DSA-5092-1 linux - security update
Bulletin has no description...
ASB-A-193149550
In NotificationStackScrollLayout of NotificationStackScrollLayout.java, there is a possible way to bypass Factory Reset Protections. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
GHSA-WF43-55JJ-VWQ8 DNS Rebinding in etcd
DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost or any other address...
GHSA-H5RH-W6VM-9GHC Denial of service in Grafana
The snapshot feature in Grafana before 7.4.2 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set. Specific Go Packages Affected github.com/grafana/grafana/pkg/middleware...
GHSA-XGXP-9X8P-GCW4 SQL Injection
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest...
DLA-2907-1 apache2 - security update
Bulletin has no description...