Medium - CVE-2024-22315 - IBM Fusion and IBM Fusion HCI 2.3.0 through...
IBM Fusion and IBM Fusion HCI 2.3.0 through 2.8.2 is vulnerable to insecure network connection by allowing an attacker who gains access to a Fusion container to establish an external network...
NA - CVE-2024-45336 - The HTTP client drops sensitive headers after...
The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that...
NA - CVE-2024-45339 - When logs are written to a widely-writable...
When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file...
NA - CVE-2024-45340 - Credentials provided via the new GOAUTH feature...
Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. By default, unless...
NA - CVE-2024-45341 - A certificate with a URI which has a IPv6...
A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URIs are not permitted...
NA - CVE-2024-0135 - NVIDIA Container Toolkit contains an improper...
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this...
NA - CVE-2024-0136 - NVIDIA Container Toolkit contains an improper...
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This...
NA - CVE-2024-0137 - NVIDIA Container Toolkit contains an improper...
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. This...
NA - CVE-2024-0140 - NVIDIA RAPIDS contains a vulnerability in cuDF...
NVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where a user could cause a deserialization of untrusted data issue. A successful exploit of this vulnerability might lead to code execution,...