154 matches found
EUVD-2023-27657
Malicious code in bioql PyPI...
EUVD-2022-5710
Malicious code in bioql PyPI...
EUVD-2023-39927
Malicious code in bioql PyPI...
EUVD-2023-28823
Malicious code in bioql PyPI...
EUVD-2022-38179
Malicious code in bioql PyPI...
EUVD-2022-43456
Malicious code in bioql PyPI...
EUVD-2022-2080
Malicious code in bioql PyPI...
EUVD-2024-2425
Malicious code in bioql PyPI...
EUVD-2022-26873
Malicious code in bioql PyPI...
EUVD-2023-31259
Malicious code in bioql PyPI...
Cloud-Native Security in 2025: Why Runtime Visibility Must Take Center Stage
The security landscape for cloud-native applications is undergoing a profound transformation. Containers, Kubernetes, and serverless technologies are now the default for modern enterprises, accelerating delivery but also expanding the attack surface in ways traditional security models can't keep ...
Enhance Your Edge Native Apps with Low Latency Using Multiple EdgeWorkers
Learn how Flexible Composition lets you seamlessly deploy multiple EdgeWorkers in a single request for easier-to-build, scalable, edge native applications...
CVE-2023-24832
A null pointer dereference bug in Hermes prior to commit 5cae9f72975cf0e5a62b27fdd8b01f103e198708 could have been used by an attacker to crash an Hermes runtime where the EnableHermesInternal config option was set to true. Note that this is only exploitable in cases where Hermes is used to execut...
CVE-2021-30358
Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent...
CVE-2021-24037
A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of...
CVE-2021-24045
A type confusion vulnerability could be triggered when resolving the "typeof" unary operator in Facebook Hermes prior to v0.10.0. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected...
CVE-2020-1911
A type confusion vulnerability when resolving properties of JavaScript objects with specially-crafted prototype chains in Facebook Hermes prior to commit fe52854cdf6725c2eaa9e125995da76e6ceb27da allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only...
CVE-2020-1915
An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application...
IBM Concert Software Encryption Issues Vulnerabilities
IBM Concert Software is a new tool from International Business Machines IBM Inc. that uses generative AI to help manage complex cloud-native applications. IBM Concert Software suffers from a cryptographic issue vulnerability that stems from the use of weak encryption algorithms, which could be...
IBM Concert Software Path Traversal Vulnerability
IBM Concert Software is a new tool from International Business Machines IBM Inc. that uses generative AI to help manage complex cloud-native applications. A path traversal vulnerability exists in IBM Concert Software that stems from improperly handling URL requests that contain point sequences, a...