Adobe ColdFusion Improper Access Control Vulnerability (CNVD-2023-100305)

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has a security vulnerability that can be exploited by attackers to bypass security...

WordPress Local Development Plugin <= 2.8.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Local Development Type Plugin Vulnerable versions = 2.8.2 Fixed in 2.8.3 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 17dad3e2a486 Credits Unknown Required privilege...

Benefits of hiring a Java web application development company

By Owais Sultan Are you considering developing a Java web application? While you may have the skills to do it yourself,… This is a post from HackRead.com Read the original post: Benefits of hiring a Java web application development company...

CVE-2023-35929

Tuleap is a free and open source suite to improve management of software development and collaboration. Prior to version 14.10.99.4 of Tuleap Community Edition and prior to versions 14.10-2 and 14.9-5 of Tuleap Enterprise Edition, content displayed in the "card fields" visible in the kanban and P...

CVE-2023-35929

Tuleap CVE-2023-35929 is a cross-site scripting vulnerability in card fields of the kanban and PV2 apps. The issue occurs when content displayed in card fields is not properly escaped, allowing a malicious user who can create an artifact or edit a card-field to cause script execution. Affected ve...

API Security in 2023: Major Insights from Postman’s State of the API Report

📣 Good news for all tech enthusiasts! The highly anticipated 2023 State of the API Report, conducted by Postman - one of the leading dev tools for building APIs, is now available. This comprehensive report, produced annually, is backed by an extensive survey and offers a deep dive into the...

Global CDN Service ‘jsdelivr’ Exposed Users to Phishing Attacks

By Habiba Rashid In the interconnected world of web development, open-source components play a vital role, facilitating collaboration and code sharing… This is a post from HackRead.com Read the original post: Global CDN Service jsdelivr Exposed Users to Phishing Attacks...

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security and bug fix update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: java-11-openjdk security and bug fix update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

The vulnerability of the remember_Ktype function in the cplus-dem.c component of the GNU Binutils development environment allows a attacker to trigger a service failure.

The vulnerability of the rememberKtype function in the cplus-dem.c component of the GNU Binutils development environment is related to the allocation of unlimited memory. Exploiting this vulnerability allows a remote attacker to cause a service failure...

ALSA-2023:4175 Moderate: java-11-openjdk security and bug fix update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 OpenJDK: improper handling o...

Unspecified Vulnerability in Oracle Application Expresses

Oracle Application Express is the United States Oracle Oracle, a low-code development platform. A security vulnerability exists in the Application Express Customers Plugin for Oracle Application Express, which can be exploited by an attacker to cause the Application Express Customers Plugin to be...

Adobe ColdFusion 安全漏洞

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has a security vulnerability that can be exploited by attackers to bypass security...

SUSE: Security Advisory (SUSE-SU-2023:2888-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ALSA-2023:4177 Moderate: java-17-openjdk security and bug fix update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 OpenJDK: improper handling o...

Moderate: java-11-openjdk security and bug fix update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 OpenJDK: improper handling o...

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

OpenJDK: array indexing integer overflow issue (8304468)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...