7485 matches found
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool. These issues were disclosed as part of the IBM Java SDK updates in Apr 2023. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle...
CVE-2021-42307
Microsoft Edge Chromium-based Information Disclosure Vulnerability...
Design/Logic Flaw
The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LDLIBRARYPATH, set LDPRELOAD, or run an executable file in a debugger...
Malwarebytes 安全漏洞
Malwarebytes is an application that provides anti-malware functionality to devices from the US-based company Malwarebytes. The software is designed to defend against viruses, spyware, Trojans, worms, dial-up programs, and other malware. debug is a small JavaScript debugging utility open-sourced b...
CVE-2023-29145
The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LDLIBRARYPATH, set LDPRELOAD, or run an executable file in a debugger...
CVE-2023-29145
The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LDLIBRARYPATH, set LDPRELOAD, or run an executable file in a debugger...
DRUPAL-CONTRIB-2023-027
This module enables a UI to display all libraries provided by modules and themes on the Drupal site. The module doesn't sufficiently protect the libraries reporting page. It curently is using the 'access content' permission and not a proper administrative/access permission. The...
Libraries UI - Moderately critical - Access bypass - SA-CONTRIB-2023-027
This module enables a UI to display all libraries provided by modules and themes on the Drupal site. The module doesn't sufficiently protect the libraries reporting page. It curently is using the 'access content' permission and not a proper administrative/access permission. The...
Privilege escalation
Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Apache Software Foundation Apache Airflow ODBC Provider. In OdbcHook, A privilege escalation vulnerability exists in a system due to controllable ODBC driver parameters that allow the loading of...
CVE-2023-34395 Apache Airflow ODBC Provider: Remote code execution vulnerability
Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Apache Software Foundation Apache Airflow ODBC Provider. In OdbcHook, A privilege escalation vulnerability exists in a system due to controllable ODBC driver parameters that allow the loading of...
PT-2023-24858
Name of the Vulnerable Software and Affected Versions Apache Airflow ODBC Provider versions prior to 4.0.0 Description A privilege escalation vulnerability exists due to controllable ODBC driver parameters in OdbcHook, allowing the loading of arbitrary dynamic-link libraries and resulting in...
cc.ecore:spring-jfinal (=0.0.1), cc.ecore:spring-jfinal-plugin (>=0.1.0 <=0.1.2) +162 more potentially affected by CVE-2021-31635 via com.jfinal:jfinal (>=1.4 <=4.9.08)
com.jfinal:jfinal MAVEN version =1.4, =0.1.0, =0.1.1, =1.0.0, =1.0, =3.30.7-RELEASE, =0.0.8, =0.0.8, =0.0.8, =1.29.1.trial, =1.29.1.trial, =1.45.0 - cn.dreampie:jfinal-akka =0.1 - cn.dreampie:jfinal-captcha =0.1 and more Source cves: CVE-2021-31635 Source advisory: OSV:GHSA-CGMM-C2M9-FF7R...
SUSE SLES15: java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc (SUSE-SU-2023:2242-2)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2242-2 advisory. - Updated to version jdk8u372 icedtea-3.27.0: - CVE-2023-21930: Fixed an issue in the JSSE component that could allow...
[SECURITY] Fedora 38 Update: dotnet7.0-7.0.107-1.fc38
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
[SECURITY] Fedora 37 Update: dotnet7.0-7.0.107-1.fc37
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
[SECURITY] Fedora 37 Update: dotnet6.0-6.0.118-1.fc37
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
SUSE-SU-2023:2242-2 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: - Updated to version jdk8u372 icedtea-3.27.0: - CVE-2023-21930: Fixed an issue in the JSSE component that could allow an attacker to access critical data without authorization bsc1210628. - CVE-2023-21937: Fixed an issue in the Networki...
ai.grakn:grakn-dist (>=0.15.0 <=0.17.0), ai.grakn:janus-factory (>=0.17.0 <=0.18.0) +1218 more potentially affected by unknown CVE via ch.qos.reload4j:reload4j (>=1.2.18.0 <=1.2.21)
ch.qos.reload4j:reload4j MAVEN version =1.2.18.0, =0.15.0, =0.17.0, =0.15.0, =1.6.0, =3.7.6, =0.6.2, =0.6.0, =0.8.0, =1.6.0-pre - com.aegisql.conveyor-persistence-jdbc:conveyor-persistence-jdbc =1.6.1 - com.aegisql.persistence:conveyor-persistence =1.6.1 -...
Debian: Security Advisory (DLA-3455-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 37 Update: iaito-5.8.6-1.fc37
iaito is a Qt and C++ GUI for radare2. It is the continuation of Cutter before the fork to keep radare2 as backend. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. The iaito is created by reverse engineers for reverse...