CentralSquare eTRAKiT.Net SQL injection vulnerability
RISK EVALUATION: eTRAKiT is a public online portal that provides the public with easily accessible information related to permits, projects, licenses, code compliance, land, and inspections. An SQL injection vulnerability in the CRM feature of eTRAKiT.net release 3.2.1.77 allows a remote,...
Cybersecurity communities. Small hacker groups, big impact
TL;DR: Cybersecurity communities and groups are an excellent opportunity to network and learn. There are OWASP, DEF CON, 2600, university hacking societies, Meetup communities and more to choose from. They provide workshops, talks, and practical learning opportunities benefiting both newcomers and...
[SECURITY] Fedora 40 Update: python-django4.2-4.2.20-1.fc40
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...
[SECURITY] Fedora 42 Update: python-django4.2-4.2.20-1.fc42
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...
OPENSUSE-SU-2025:14903-1 assimp-devel-5.4.3-4.1 on GA media
These are all security issues fixed in the assimp-devel-5.4.3-4.1 package on the GA media of openSUSE Tumbleweed...
[SECURITY] Fedora 40 Update: python-django-4.2.20-1.fc40
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...
[SECURITY] Fedora 41 Update: python-django-4.2.20-1.fc41
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...
[SECURITY] Fedora 42 Update: python-django5-5.1.7-1.fc42
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...
AZL-58803 CVE-2025-2295 affecting package edk2 for versions less than 20240524git3e722403cd16-14
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service...
EDK2 input validation error vulnerability
EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from an integer overflow or wrap-around error that could result in a denial of service...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.19.0 release
Red Hat OpenShift Dev Spaces 3.19 has been released. All containers have been updated to include feature enhancements, bug fixes and CVE fixes. Following the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System...
The vulnerability of the TIFF Image development platform QNX SDP allows attackers to disclose protected information.
The vulnerability of the TIFF Image development platform QNX SDP is related to an off-by-one error. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the system’s security measures...
The vulnerability of the PCX Image development platform’s SDP code base allows attackers to trigger a service failure.
The vulnerability of the PCX Image development platform’s SDP is related to improper validation of the specified data type. Exploiting this vulnerability can allow an attacker to cause service failures remotely...
The vulnerability of the PCX Image development platform’s SDP code allows attackers to execute arbitrary code.
The vulnerability of the PCX Image development platform’s SDP code base relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...
The vulnerability of the PCX Image development platform’s SDP code base allows attackers to trigger a service failure.
The vulnerability of the PCX Image development platform’s SDP code base is related to the manipulation of a null pointer. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects
Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects, in the wild during routine threat hunting. Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated...
SUSE CVE-2025-27607
Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed by a third party...
CVE-2024-12742
A deserialization of untrusted data vulnerability exists in NI G Web Development Software that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects G Web Development Software 2022 Q3...
Unsafe Dependency Resolution
Overview: python-json-logger is a JSON Log Formatter for the Python Logging Package. Affected versions of this package are vulnerable to Unsafe Dependency Resolution through the deletion of a critical dependency which could be maliciously claimed by a third party. An attacker can execute arbitrary...
CVE-2025-27607 Python JSON Logger has a Potential RCE via missing `msgspec-python313-pre` dependency
Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed by a third party...