HIGH risk vulnerability in libndp – CVE-2024-5564
There is a HIGH-risk vulnerability CVE-2024-5564 in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. Further information on this vulnerability can be found...
HIGH risk OpenSSH vulnerability – CVE-2024-6387
OpenSSH has a high-risk vulnerability, allowing an Unauthenticated Remote Code Execution due to a race condition in signal handling. The vulnerability only affects RHEL9 and derivates. Check our SVG Advisory to learn more about this vulnerability.
HIGH risk OpenStack arbitrary file access vulnerability
A vulnerability CVE-2024-32498 has been found in QCOW2 image processing for Cinder, Glance and Nova. By supplying a specially created QCOW2 image which references a specific data file path, an authenticated user may convince systems to return a copy of that file...
Docker and API security
Many sites use Docker for development or to provide automated deployment of software or containers via Gitlab runners or similar solutions. In the past weeks have seen some incidents related to Docker API misconfiguration and would like to address the security...
Slurm vulnerability in switch/hpe_slingshot and switch/nvidia_imex plugins
It has been reported that there is a vulnerability in the Slurm interconnect plugin switch/hpe_slingshot, which leverages the capabilities of Slingshot interconnect. There is a problem with isolating the communication from other channels. Same issue with...
Apptainer github/containers/image Vulnerability CVE-2024-3727
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. For further details, please...
