7762 matches found
CVE-2024-31138
In JetBrains TeamCity before 2024.03 XSS was possible via Agent Distribution settings...
CVE-2024-31138
JetBrains TeamCity is affected by a cross-site scripting (XSS) vulnerability in the Agent Distribution settings component, with confirmed details across multiple sources. The issue exists in TeamCity versions prior to 2024.03 and arises from inadequate handling/validation in the AgentDistribution...
Rrgen - A Header Only C++ Library For Storing Safe, Randomly Generated Data Into Modern Containers
This library was developed to combat insecure methods of storing random data into modern C++ containers. For example, old and clunky PRNGs. Thus, rrgen uses STL's distribution engines in order to efficiently and safely store a random number distribution into a given C++ container. Installation 1...
JetBrains TeamCity Security Vulnerability
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...
CLSA-2024-1711563079 Update of zlib
Rebuild with dist .el79...
firefox security update
115.9.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.9.1-1 - Update to 115.9.1 115.9.0-2 - Update to 115.9.0 build2 115.9.0-1 - Update to 115.9.0 buil...
AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials
Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that's used to target Laravel applications and steal sensitive data. "It works by scanning and taking out important information from .env files, revealing login details linked to AWS and Twilio," Juniper Threat Labs...
The Updated APT Playbook: Tales from the Kimsuky threat actor group
Co-authors are Christiaan Beek and Raj Samani Within Rapid7 Labs we continually track and monitor threat groups. This is one of our key areas of focus as we work to ensure that our ability to protect customers remains constant. As part of this process, we routinely identify evolving tactics from...
UBUNTU-CVE-2024-28231
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8, manipulated DATA Submessage can cause a heap overflow error in the Fast-DDS process, causing the process to be terminate...
CVE-2024-28231 Manipulated DATA Submessage causes a heap-buffer-overflow error
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8, manipulated DATA Submessage can cause a heap overflow error in the Fast-DDS process, causing the process to be terminate...
CVE-2024-28231
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8, manipulated DATA Submessage can cause a heap overflow error in the Fast-DDS process, causing the process to be terminate...
The vulnerability of the software for managing, monitoring, configuring, and automating IT infrastructure of Hitachi Ops Center Common Services arises from the unlimited distribution of resources. This allows a malicious actor to cause service failures.
The vulnerability of the software for managing, monitoring, configuring, and automating IT infrastructure of the Hitachi Ops Center Common Services is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
Siemens SENTRON 3KC ATC6 Ethernet Module Hidden Function Vulnerability
The Siemens SENTRON 3KC ATC6 Expansion Module is a power distribution protection device from Siemens, Germany, for monitoring and protecting power systems. A hidden function vulnerability exists in the Siemens SENTRON 3KC ATC6 Ethernet Module due to affected devices exposing unused and unstable...
org.apache.pulsar:pulsar-server-distribution (=3.1.0) potentially affected by CVE-2022-34321 via org.apache.pulsar:pulsar-proxy (=3.1.0)
org.apache.pulsar:pulsar-proxy MAVEN version =3.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.pulsar:pulsar-proxy and may be impacted: - org.apache.pulsar:pulsar-server-distribution =3.1.0 Source cves: CVE-2022-34321 Source advisory:...
org.apache.pulsar:pulsar-broker (>=3.1.0 <=3.1.2), org.apache.pulsar:pulsar-broker-auth-athenz (>=3.1.0 <=3.1.2) +3 more potentially affected by CVE-2024-27317 via org.apache.pulsar:pulsar-functions-worker (>=3.1.0 <=3.1.2)
org.apache.pulsar:pulsar-functions-worker MAVEN version =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.2 Source cves: CVE-2024-27317 Source advisory: OSV:GHSA-JG2G-4RJG-CMQH...
org.apache.pulsar:pulsar-broker (=3.2.0), org.apache.pulsar:pulsar-broker-auth-athenz (=3.2.0) +3 more potentially affected by CVE-2024-27135 via org.apache.pulsar:pulsar-functions-worker (=3.2.0)
org.apache.pulsar:pulsar-functions-worker MAVEN version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.pulsar:pulsar-functions-worker and may be impacted: - org.apache.pulsar:pulsar-broker =3.2.0 -...