ROS-20260524-73-0043

Vulnerability in mariadb related to security configuration errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

TanStack Query 安全漏洞

TanStack Query is an open-source library developed by TanStack, featuring a complete set of functions and supporting TypeScript. There is a security vulnerability in TanStack Query. This vulnerability stems from attackers exploiting configuration errors in the pullrequesttarget, GitHub Actions...

HCL BigFix RunBookAI 安全漏洞

HCL BigFix RunBookAI is an AI-driven automation platform developed by the American company HCL. HCL BigFix RunBookAI has a security vulnerability, which stems from the continuous presence of insecure input texts. The processing of component inputs poses security risks, increasing the likelihood o...

uutils coreutils 安全漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils Open Source. uutils coreutils has a security vulnerability, which stems from an incorrect calculation of the groups= part in the output. This vulnerability may allow unauthorized access or lead to security...

Zscaler Client Connector 安全漏洞

The Zscaler Client Connector is a lightweight agent provided by Zscaler Inc. There is a security vulnerability associated with the Zscaler Client Connector, which stems from incorrect startup configurations. This vulnerability may cause a small amount of traffic to go unnoticed in rare instances...

EUVD-2021-32411

Malicious code in bioql PyPI...

EUVD-2024-51807

Malicious code in bioql PyPI...

ASUSTOR ADM 安全漏洞

ASUSTOR ADM is a specialized operating system for all ASUSTOR NAS devices from ASUS, China. A security vulnerability exists in ASUSTOR ADM versions prior to 4.3.1.R5A1, which stems from improper input validation and could result in a system configuration error...

sssd bug fix update

An update is available for sssd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon SSSD service provides a set of daemons to...

CVE-2024-42172 HCL MyXalytics is affected by broken authentication

HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys, passwords, and session tokens, potentially leading to identity theft and system control. This vulnerability arises from poor configuration, logic errors, or software bugs and can affect any application wi...

ROS-20240820-01

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of memory after its release. memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code using a specially crafted w...

5 Cloud Security Challenges Solved by CNAPP

Configuration errors are a major cause of cloud security challenges for modern DevOps teams, introducing a new attack surface with numerous potential points of vulnerability. Read on to discover some of the most common errors and learn how to resolve them...

PT-2022-5505

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A security feature bypass issue exists in the BitLocker Device Encryption of Windows operating systems due to security configuration errors. This flaw allows an attacker to bypass security...

Cyber Signals: 3 strategies for protection against ransomware

The “as a service” business model has gained widespread popularity as growing cloud adoption has made it possible for people to access important services through third-party providers. Given the convenience and agility of service offerings, perhaps it shouldn’t be surprising that the “as a servic...

ROS-20220714-02

A vulnerability in the passdb account database of the Dovecot mail server is related to errors in the configuration. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...

Microsoft Windows iSCSI Target Service Information Disclosure Vulnerability

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Windows iSCSI Target Service. The vulnerability arises from a configuration or other error in the operation of a networked...

Microsoft Windows Kernel 信息泄露漏洞

The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Windows Kernel. The vulnerability arises from errors in configuration, etc. in the operation of a networked system or product...

PT-2022-3547 · Mendix · Mendix

Name of the Vulnerable Software and Affected Versions: Mendix Applications using Mendix 7 versions prior to 7.23.27 Mendix Applications using Mendix 8 versions prior to 8.18.14 Mendix Applications using Mendix 9 versions prior to 9.12.0 Mendix Applications using Mendix 9 V9.6 versions prior to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by the Linux Foundation's open-source operating system Linux.KVM is one of the kernel-based virtual machines. Linux kernel suffers from an information disclosure vulnerability that arises from errors in configuration and other errors in the operation of a networked...

MCS catalog creation fails when using dedicated host

Administrators may encounter the following error message when using MCS with Amazon AWS hosting connections: Transaction ID: XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX Action Name: MCAddMachineInitialzation Exception: : Domain name\machine-name$, Failed to create the virtual machine; Domain...