39 matches found
MiracleLinux 7 : cups-filters-1.0.35-21.el7 (AXSA:2015-746:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-746:01 advisory. Contains backends, filters, and other software that was once part of the core CUPS distribution but is no longer maintained by Apple Inc. In addition...
CVE-2023-54210 Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor() KASAN reports that there's a use-after-free in hci_remove_adv_monitor(). Trawling through the disassembly, you can see that the complaint is from the access in...
EUVD-2015-2101
Malware in sbrugna...
EUVD-2019-8653
Malware in sbrugna...
EUVD-2024-53830
Malicious code in bioql PyPI...
EUVD-2024-28063
Malicious code in bioql PyPI...
CVE-2024-45314
Flask-AppBuilder is an application development framework. Prior to version 4.5.1, the auth DB login form's default cache directives allow the browser to locally store sensitive data. This can be an issue in environments using shared computer resources. Version 4.5.1 contains a patch for this issue. If...
CVE-2023-37517 HCL Domino Volt and Domino Leap are affected by missing "no cache" headers
Missing "no cache" headers in HCL Leap permits sensitive data to be cached...
HCL Leap Security Vulnerability
HCL Leap is a low-code development platform from HCL India. HCL Leap has a security vulnerability that stems from the lack of a no cache header, which could lead to caching of sensitive data...
CVE-2024-30127
Missing "no cache" headers in HCL Leap permits sensitive data to be cached...
Synapse denial of service through media disk space consumption
Impact: Synapse versions before 1.106 are vulnerable to a disk fill attack, where an unauthenticated adversary can induce Synapse to download and cache large amounts of remote media. The default rate limit strategy is insufficient to mitigate this. This can lead to a denial of service, ranging fro...
CVE-2024-45314
CVE-2024-45314 affects Flask-AppBuilder: the auth DB login form allows the browser to cache sensitive data. Affected component is the login form; root cause is default cache directives exposing data in shared environments. Version 4.5.1 fixes the issue. If upgrading is not possible, a workaround ...
ROS-20240412-01
A vulnerability in the authfile.c file of the memcached data caching software is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service using a specially crafted authentication file...
CVE-2020-15085
In Saleor Storefront before version 2.10.3, request data used to authenticate customers was inadvertently cached in the browser's local storage mechanism, including credentials. A malicious user with direct access to the browser could extract the email and password. In versions prior to 2.10.0...
PT-2020-6879 · Abb · Esoms
Name of the Vulnerable Software and Affected Versions: ABB eSOMS versions 4.0 through 6.0.3 Description: The issue is related to the improper configuration of the Cache-Control and Pragma HTTP headers within the application response. This can potentially allow browsers and proxies to cache...
CVE-2019-2309
While storing calibrated data from firmware in cache, an integer overflow may occur since the data length received may exceed the real data length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...
IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2018-25033)
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A security...
F5 BIG-IP Denial of Service Vulnerability (CNVD-2019-19064)
F5 BIG-IP is an all-in-one network appliance that integrates network traffic management, application security management, load balancing and other functions from F5 USA. A denial-of-service vulnerability exists in F5 BIG-IP versions 13.0.0 through 13.1.0, 12.1.0 through 12.1.3, and 11.2.1 through...
Security Bulletin: Information disclosure in WebSphere Application Server shipped with Jazz for Service Management (CVE-2017-1381)
Summary: There is an information disclosure in the WebSphere Application Server Proxy Server or On-Demand-Router (ODR). This only occurs when the system clock is changed. If the system clock is changed it could cause stale data to be cached and served. Vulnerability Details: CVEID: CVE-2017-1381...