Security
Headlines
HeadlinesLatestCVEs

Tag

#linux

CVE-2022-44643: Downloads | Grafana Enterprise Metrics documentation

A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector restrictions will not be applied when using this policy with the affected versions of the software. This issue affects: Grafana Labs Grafana Enterprise Metrics GEM 1.X versions prior to 1.7.1 on AMD64; GEM 2.X versions prior to 2.3.1 on AMD64.

CVE
#vulnerability#web#google#linux#redis#memcached#js#kubernetes#intel#perl#aws#amd#oauth#auth#rpm#docker#ssl
CVE-2022-45942: baijiacmsV4 后台RCE | This_is_Y

A Remote Code Execution (RCE) vulnerability was found in includes/baijiacms/common.inc.php in baijiacms v4.

Are 100% Security Guarantees Possible?

Large vendors are commoditizing capabilities that claim to provide absolute security guarantees backed up by formal verification. How significant are these promises?

CVE-2022-44940: Fix Out-of-bounds read in the function modifyRPath by xiaoxiaoafeifei · Pull Request #419 · NixOS/patchelf

Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc.

Gentoo Linux Security Advisory 202212-03

Gentoo Linux Security Advisory 202212-3 - Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in privilege escalation from a guest to the host. Versions less than 6.1.40 are affected.

Gentoo Linux Security Advisory 202212-05

Gentoo Linux Security Advisory 202212-5 - Multiple vulnerabilities have been discovered in NSS, the worst of which could result in arbitrary code execution. Versions less than 3.79.2 are affected.

Gentoo Linux Security Advisory 202212-01

Gentoo Linux Security Advisory 202212-1 - Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. Versions less than 7.86.0 are affected.

Gentoo Linux Security Advisory 202212-04

Gentoo Linux Security Advisory 202212-4 - A vulnerability has been discovered in LibreOffice which could result in arbitrary script execution via crafted links. Versions less than 7.3.6.2 are affected.

Gentoo Linux Security Advisory 202212-02

Gentoo Linux Security Advisory 202212-2 - Multiple vulnerabilities have been discovered in Unbound, the worst of which could result in denial of service. Versions less than 1.16.3 are affected.

Debian Security Advisory 5303-1

Debian Linux Security Advisory 5303-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure.