822 matches found
PT-2025-2938 · Teradata · Teradata Vantage Editor
Name of the Vulnerable Software and Affected Versions: Teradata Vantage Editor version 1.0.1 Description: The issue concerns unintended functionality in the software, including the presence of Chromium Developer Tools, which can allow a client user to access arbitrary remote websites. This can...
CVE-2024-52870
CVE-2024-52870 concerns Teradata Vantage Editor 1.0.1, which is primarily a SQL editor but exposes unintended functionality, including Chromium Developer Tools, that can let a client user access arbitrary remote websites. The Red Hat/NVD entries confirm the affected product and behavior; the issu...
CVE-2024-52870
Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality including Chromium Developer Tools that can result in a client user accessing arbitrary remote websites...
CVE-2024-52870
Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality including Chromium Developer Tools that can result in a client user accessing arbitrary remote websites...
KLA78978 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote code execution...
[SECURITY] Fedora 40 Update: python3.9-3.9.21-1.fc40
Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...
KLA78026 ACE vulnerability in Microsoft Developer Tools
A remote code vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2024-49063 Related products Microsoft-Dynamics-365 CVE list CVE-2024-49063 high Solution Install necessary updates from the KB...
KLA77107 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in .NET and Visual Studio...
Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates to stage software supply chain attacks. "Attackers can leverage these entry points to execute malicious code when specific...
Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms
Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer. "At first glance, the thing that stood out was the script's obfuscation, which seemed a bit bizarre because of all the accented...
KLA73906 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Visual C++...
CVE-2024-7259
The CVE-2024-7259 entry covers a vulnerability in oVirt-engine where an administrator (including ReadOnlyAdmin) can view provider credentials in cleartext via browser developer tools. Affected product: oVirt-engine (as described in CVE context); root cause: exposure of provider passwords via the ...
CVE-2024-7259 Ovirt-engine: potential exposure of cleartext provider passwords via web ui
A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext...
oVirt Node 安全漏洞
oVirt Node is an open source virtualization management platform. A security vulnerability exists in oVirt Node that stems from the fact that a user with administrator privileges may be able to view provider passwords in plaintext using browser developer tools...
PT-2024-38216 · Ovirt · Ovirt
Name of the Vulnerable Software and Affected Versions: oVirt affected versions not specified Description: A flaw was found in oVirt, allowing a user with administrator privileges, including those with the ReadOnlyAdmin permission, to potentially view Provider passwords in cleartext using browser...
RHSA-2023:1064 Red Hat Security Advisory: OpenShift Developer Tools and Services for OCP 4.12 security update
Bulletin has no description...
mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran
The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence...
mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran
The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence...
mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran
The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence...
KLA71478 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in .NET and Visua...