Moderate: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-21210 JD...

CVE-2024-21250

Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite component: Quality Manager Specification. Supported versions that are affected are 12.2.13-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Process Manufacturing Product...

Oracle Java SE 安全漏洞

Oracle Java SE is a U.S. Oracle Oracle company for the development and deployment of desktop, server and embedded devices and real-time environments in the Java application. A security vulnerability exists in Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition, which can...

CVE-2024-46980 Tuleap vulnerable to XSS in the HTML mail content of the cross reference field

Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, a site administrator could create an artifact link type with a forward label allowing them ...

SUSE: Security Advisory (SUSE-SU-2024:3596-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for CVE-2023-22098

CVE-2023-22098 - Oracle VM VirtualBox 7.0.10 r158379 Escape H...

Microsoft Security Update Validation Report October 2024

Microsoft’s October 2024 security updates have passed Citrix testing the updates are listed below. The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwar...

SUSE: Security Advisory (SUSE-SU-2024:3570-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:3586-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-35215

NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform SDP versions 7.1 and 7.0 could allow an attacker with local access to cause a denial-of-service condition in the context of the Networking Stack process...

CVE-2024-35215

NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform SDP versions 7.1 and 7.0 could allow an attacker with local access to cause a denial-of-service condition in the context of the Networking Stack process...

CVE-2024-35215

The CVE-2024-35215 issue affects QNX Software Development Platform (SDP) 7.0 and 7.1, where a NULL pointer dereference in the IP socket options processing of the Networking Stack can allow a local attacker to cause a denial-of-service in the Networking Stack process. This is the explicit root cau...

SUSE: Security Advisory (SUSE-SU-2024:3526-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

How Cloud-Based Solutions Are Transforming Software Quality Assurance

Cloud-based solutions are transforming the software quality assurance QA industry. As organizations increasingly migrate their development and verification…...

AZL-49716 CVE-2024-38796 affecting package edk2 for versions less than 20230301gitf80f052277c8-42

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

AZL-49713 CVE-2024-38796 affecting package hvloader for versions less than 1.0.1-13

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

CVE-2024-47186 Filament has unvalidated ColorColumn and ColorEntry values that can be used for Cross-site Scripting

Filament is a collection of full-stack components for Laravel development. Versions of Filament from v3.0.0 through v3.2.114 are affected by a cross-site scripting XSS vulnerability. If values passed to a ColorColumn or ColumnEntry are not valid and contain a specific set of characters,...

CVE-2024-47186 Filament has unvalidated ColorColumn and ColorEntry values that can be used for Cross-site Scripting

Filament is a collection of full-stack components for Laravel development. Versions of Filament from v3.0.0 through v3.2.114 are affected by a cross-site scripting XSS vulnerability. If values passed to a ColorColumn or ColumnEntry are not valid and contain a specific set of characters,...

EDK2 安全漏洞

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that originates in the PeCoffLoaderRelocateImage function, where an attacker may be able to cause memory corruption via a...