redhat/ansible_engine Vulnerability Summary Vendor name: redhat Product name: ansible_engine Total vulnerabilities: 26 (as 2023-05-04) redhat/ansible_engine Vulnerability List CVE-2021-3583: A flaw was found in Ansible, where a user’s controller is vulnerable to template injection. This… Published: 2021-09-22T12:15:00 Last Modified: 2021-10-05T16:12:00 Summary A flaw was found in Ansible, where a user’s controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters.

redhat/ansible_tower Vulnerability Summary Vendor name: redhat Product name: ansible_tower Total vulnerabilities: 65 (as 2023-05-04) redhat/ansible_tower Vulnerability List CVE-2021-3583: A flaw was found in Ansible, where a user’s controller is vulnerable to template injection. This… Published: 2021-09-22T12:15:00 Last Modified: 2021-10-05T16:12:00 Summary A flaw was found in Ansible, where a user’s controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters.

redhat/ansible Vulnerability Summary Vendor name: redhat Product name: ansible Total vulnerabilities: 105 (as 2023-05-04) redhat/ansible Vulnerability List CVE-2021-3583: A flaw was found in Ansible, where a user’s controller is vulnerable to template injection. This… Published: 2021-09-22T12:15:00 Last Modified: 2021-10-05T16:12:00 Summary A flaw was found in Ansible, where a user’s controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters.

redhat/enterprise_linux Vulnerability Summary Vendor name: redhat Product name: enterprise_linux Total vulnerabilities: 2390 (as 2023-05-04) redhat/enterprise_linux Vulnerability List CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in… Published: 2022-02-04T23:15:00 Last Modified: 2022-02-09T20:00:00 Summary A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.

redhat/etcd Vulnerability Summary Vendor name: redhat Product name: etcd Total vulnerabilities: 6 (as 2023-05-04) redhat/etcd Vulnerability List CVE-2020-15114: In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for… Published: 2020-08-06T23:15:00 Last Modified: 2021-11-18T18:31:00 Summary In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint.

redhat/fedora_core Vulnerability Summary Vendor name: redhat Product name: fedora_core Total vulnerabilities: 83 (as 2023-05-04) redhat/fedora_core Vulnerability List CVE-2008-2944: Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat… Published: 2008-06-30T21:41:00 Last Modified: 2022-02-07T19:50:00 Summary Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Enterprise Linux (RHEL) 5 and Fedora Core 6 (FC6) allows local users to cause a denial of service (oops), as demonstrated by a crash when running the GNU GDB testsuite, a different vulnerability than CVE-2008-2365.

redhat/fedora Vulnerability Summary Vendor name: redhat Product name: fedora Total vulnerabilities: 526 (as 2023-05-04) redhat/fedora Vulnerability List CVE-2021-45417: AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such… Published: 2022-01-20T18:15:00 Last Modified: 2022-01-26T19:49:00 Summary AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. Common Weakness Enumeration (CWE): CWE-787: Out-of-bounds Write CWE Description: The software writes data past the end, or before the beginning, of the intended buffer.

redhat/openssl Vulnerability Summary Vendor name: redhat Product name: openssl Total vulnerabilities: 28 (as 2023-05-04) redhat/openssl Vulnerability List CVE-2018-16395: An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x… Published: 2018-11-16T18:29:00 Last Modified: 2019-10-03T00:03:00 Summary An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true.

ruby-lang/openssl Vulnerability Summary Vendor name: ruby-lang Product name: openssl Total vulnerabilities: 2 (as 2023-05-04) ruby-lang/openssl Vulnerability List CVE-2018-16395: An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x… Published: 2018-11-16T18:29:00 Last Modified: 2019-10-03T00:03:00 Summary An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true.

All the Common Weakness Enumeration (CWE) list in a single page. CWE is a catalog of vulnerabilities found in both software and hardware, created by the community. Its purpose is to provide a standardized vocabulary, establish a benchmark for security tools, and serve as a foundation for identifying, mitigating, and preventing weaknesses. CWE-2: 7PK - Environment Status: Draft Weakness Abstractions: Category This category has been deprecated. It was originally used for organizing weaknesses involving file names, which enabled access to files outside of a restricted directory (path traversal) or to perform operations on files that would otherwise be restricted (path equivalence).

The latest CVE Vulnerability list for popular products auth0 auth0/auth0 apache apache/http_server apache/hadoop apache/harmony apache/groovy apache/activemq apache/apr apache/apr-util apache/maven apache/log4j apache/log4net apache/lucene apache/mod_fcgid apache/mod_imap apache/mod_jk apache/mod_perl apache/mod_python apache/rocketmq apache/sentry apache/tomcat apache/xerces-c apache/zookeeper apache/hbase apache/hive apache-ssl apache-ssl/apache-ssl lua-openssl_project lua-openssl_project/lua-openssl nginx nginx/nginx node-openssl_project node-openssl_project/node-openssl openssl_project openssl_project/openssl openssl openssl/openssl pyopenssl_project pyopenssl_project/pyopenssl pyopenssl pyopenssl/pyopenssl redhat redhat/amq redhat/amq_online redhat/ansible redhat/ansible_engine redhat/ansible_tower redhat/enterprise_linux redhat/etcd redhat/fedora redhat/fedora_core redhat/openssl ruby-lang ruby-lang/openssl

The latest CVE Vulnerability list for popular products of apache apache/http_server apache/hadoop apache/harmony apache/groovy apache/activemq apache/apr apache/apr-util apache/maven apache/log4j apache/log4net apache/lucene apache/mod_fcgid apache/mod_imap apache/mod_jk apache/mod_perl apache/mod_python apache/rocketmq apache/sentry apache/tomcat apache/xerces-c apache/zookeeper apache/hbase apache/hive See also: All the last popular products CVE vulnerabilities

The latest CVE Vulnerability list for popular products of apache-ssl apache-ssl/apache-ssl See also: All the last popular products CVE vulnerabilities

The latest CVE Vulnerability list for popular products of auth0 auth0/auth0 See also: All the last popular products CVE vulnerabilities

The latest CVE Vulnerability list for popular products of lua-openssl_project lua-openssl_project/lua-openssl See also: All the last popular products CVE vulnerabilities

The latest CVE Vulnerability list for popular products of nginx nginx/nginx See also: All the last popular products CVE vulnerabilities

The latest CVE Vulnerability list for popular products of node-openssl_project node-openssl_project/node-openssl See also: All the last popular products CVE vulnerabilities

The latest CVE Vulnerability list for popular products of openssl openssl/openssl See also: All the last popular products CVE vulnerabilities

The latest CVE Vulnerability list for popular products of openssl_project openssl_project/openssl See also: All the last popular products CVE vulnerabilities

The latest CVE Vulnerability list for popular products of pyopenssl pyopenssl/pyopenssl See also: All the last popular products CVE vulnerabilities

The latest CVE Vulnerability list for popular products of pyopenssl_project pyopenssl_project/pyopenssl See also: All the last popular products CVE vulnerabilities

The latest CVE Vulnerability list for popular products of redhat redhat/amq redhat/amq_online redhat/ansible redhat/ansible_engine redhat/ansible_tower redhat/enterprise_linux redhat/etcd redhat/fedora redhat/fedora_core redhat/openssl See also: All the last popular products CVE vulnerabilities

The latest CVE Vulnerability list for popular products of ruby-lang ruby-lang/openssl See also: All the last popular products CVE vulnerabilities

redhat/analog_real-time_synthesizer Vulnerability Summary Vendor name: redhat Product name: analog_real-time_synthesizer Total vulnerabilities: 1 (as 2023-04-30) redhat/analog_real-time_synthesizer Vulnerability List CVE-2003-0459: KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of… Published: 2003-08-27T04:00:00 Last Modified: 2017-10-11T01:29:00 Summary KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the “user:password@host” form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.

redhat/fedora_8 Vulnerability Summary Vendor name: redhat Product name: fedora_8 Total vulnerabilities: 1 (as 2023-04-30) redhat/fedora_8 Vulnerability List CVE-2008-2359: The default configuration of consolehelper in system-config-network before 1.5.10-1 on Fedora 8… Published: 2008-06-02T21:30:00 Last Modified: 2017-08-08T01:30:00 Summary The default configuration of consolehelper in system-config-network before 1.5.10-1 on Fedora 8 lacks the USER=root directive, which allows local users of the workstation console to gain privileges and change the network configuration. Common Weakness Enumeration (CWE): CWE-16 Scores

The latest CVE Vulnerability list for openssl/fips_object_module openssl/fips_object_module Vulnerability Summary Vendor name: openssl Product name: fips_object_module Total vulnerabilities: 1 (as 2023-04-30) openssl/fips_object_module Vulnerability List CVE-2007-5502: The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding… Published: 2007-12-01T06:46:00 Last Modified: 2017-07-29T01:33:00 Summary The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness.

NIP-30 Custom Emoji draft optional Custom emoji may be added to kind 0, kind 1, kind 7 (NIP-25 ) and kind 30315 (NIP-38 ) events by including one or more "emoji" tags, in the form: ["emoji", <shortcode>, <image-url>] Where: <shortcode> is a name given for the emoji, which MUST be comprised of only alphanumeric characters and underscores. <image-url> is a URL to the corresponding image file of the emoji. For each emoji tag, clients should parse emoji shortcodes (aka “emojify”) like :shortcode: in the event to display custom emoji.

NIP-98 HTTP Auth draft optional This NIP defines an ephemeral event used to authorize requests to HTTP servers using nostr events. This is useful for HTTP services which are built for Nostr and deal with Nostr user accounts. Nostr event A kind 27235 (In reference to RFC 7235 ) event is used. The content SHOULD be empty. The following tags MUST be included. u - absolute URL method - HTTP Request Method Example event:

Free library catalog records and metadata Library websites Library of Congress Catalog: https://catalog.loc.gov/ British Library Catalogue: https://www.bl.uk/catalogues-and-collections/catalogue New York Public Library Catalog: https://catalog.nypl.org/ Library and Archives Canada Catalog: https://www.bac-lac.gc.ca/eng/search/Pages/search.aspx Library APIs Library of Congress API: https://www.loc.gov/developers/ British Library APIs: https://www.bl.uk/bibliographic-data-services/apis-for-library-data Open Library API: https://openlibrary.org/developers/api WorldCat Discovery API: https://developer.oclc.org/apis/worldcat-discovery/ Open data repositories: Open Library: https://openlibrary.org/ HathiTrust Digital Library: https://www.hathitrust.org/ Digital Public Library of America: https://dp.la/ Online metadata aggregators: WorldCat: https://www.worldcat.org/ LibraryThing: https://www.

This tool provides online X.509 certificate decoding for free. Privacy first: The certificate decoding process occurs locally in your browser, with no data sent to any external server. You can examine an X.509 certificate in PEM format using your browser without any need for external servers, similar to using openssl, but with greater privacy as there is no communication with a server. Input X.509 certificate (in PEM format) The certificate data will remain within your browser and will be decoded through JavaScript executed on the client-side, ensuring its privacy.