5841 matches found
CVE-2020-1896
A stack overflow vulnerability in Facebook Hermes 'builtin apply' prior to commit 86543ac47e59c522976b5632b8bf9a2a4583c7d2 https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that th...
CVE-2020-1896
A stack overflow vulnerability in Facebook Hermes 'builtin apply' prior to commit 86543ac47e59c522976b5632b8bf9a2a4583c7d2 https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that th...
Stack overflow
A stack overflow vulnerability in Facebook Hermes 'builtin apply' prior to commit 86543ac47e59c522976b5632b8bf9a2a4583c7d2 https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that th...
CVE-2020-1896
A stack overflow vulnerability in Facebook Hermes 'builtin apply' prior to commit 86543ac47e59c522976b5632b8bf9a2a4583c7d2 https://github.com/facebook/hermes/commit/86543ac47e59c522976b5632b8bf9a2a4583c7d2 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that th...
Facebook Hermes Buffer Error Vulnerability
Facebook Hermes is a JavaScript engine from Facebook Inc. in the United States. The engine is targeted at React Native apps, going to improve the performance of mobile client application apps, but not for server-side infrastructures such as browsers & Node.js. Facebook Hermes suffers from a buffe...
Apple macOS Security Breach
Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS that originates from a logical error in kext loading in IOKit. A native application can execute arbitrary code using elevated privileges. The vulnerability exist...
Rapid7 Acquires Leading Kubernetes Security Provider, Alcide
Organizations around the globe continue to embrace the flexibility, speed, and agility of the cloud. Those that have adopted it are able to accelerate innovation and deliver real value to their customers faster than ever before. However, while the cloud can bring a tremendous amount of benefits t...
ASB-A-171400004
In several native functions called by AdvertiseManager.java, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation...
Deploying The New VMware Carbon Black Container Security Solution
“VMware acquired Octarine, a privately held company in Sunnyvale, California on May 27, 2020. Octarine offers a cloud-native security platform for the complete lifecycle of applications running on Kubernetes, helping customers to protect their cloud-native apps from build to runtime. Acquiring...
Announcing the general availability of Azure Defender for IoT
As businesses increasingly rely on connected devices to optimize their operations, the number of IoT and Operational Technology OT endpoints is growing dramatically—industry analysts have estimated that CISOs will soon be responsible for an attack surface multiple times larger than just a few yea...
Eclipse OpenJ9 缓冲区错误漏洞
Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. A buffer overflow vulnerability exists in Eclipse OpenJ9 versions prior to 0.23, which stems from a stack-based buffer overflow that can occur when the virtual machine ...
ByteDance-HIDS - A Cloud-Native Host-Based Intrusion Detection Solution Project To Provide Next-Generation Threat Detection And Behavior Audition With Modern Architecture
ByteDance-HIDS is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture. ByteDance-HIDS comprises three major components: ByteDance-HIDS Agent, co-worked with ByteDance-HIDS Driver , is the...
VMware Carbon Black Cloud™ Awarded Cyber Catalyst Designation
VMware Carbon Black Cloud has been awarded a Cyber CatalystSM designation for its cloud native endpoint and workload protection platforms, which helps more than 20,000 organizations worldwide detect and stop emerging attacks. The designation is part of the annual Cyber Catalyst by Marsh℠ program,...
[SECURITY] Fedora 32 Update: golang-github-docker-credential-helpers-0.6.3-2.fc32
Docker-credential-helpers is a suite of programs to use native stores to ke ep Docker credentials safe...
H2 Database 1.4.199 JNI Code Execution
Exploit Title: H2 Database 1.4.199 - JNI Code Execution Exploit Author: 1F98D Original Author: Markus Wulftange Date: 28 April 2020 Vendor Hompage: https://www.h2database.com/ Tested on: Windows 10 x64, Java 1.8, H2 1.4.199 References:...
H2 Database 1.4.199 - JNI Code Execution Vulnerability
Exploit Title: H2 Database 1.4.199 - JNI Code Execution Exploit Author: 1F98D Original Author: Markus Wulftange Vendor Hompage: https://www.h2database.com/ Tested on: Windows 10 x64, Java 1.8, H2 1.4.199 References:...
H2 Database 1.4.199 - JNI Code Execution
Exploit Title: H2 Database 1.4.199 - JNI Code Execution Exploit Author: 1F98D Original Author: Markus Wulftange Date: 28 April 2020 Vendor Hompage: https://www.h2database.com/ Tested on: Windows 10 x64, Java 1.8, H2 1.4.199 References:...
[SECURITY] Fedora 33 Update: nats-server-2.1.9-1.fc33
A High Performance NATS Server written in Go and hosted by the Cloud Native Computing Foundation CNCF...
Moderate: Red Hat Security Advisory: mariadb-connector-c security, bug fix, and enhancement update
An update for mariadb-connector-c is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2020-27781
CVE-2020-27781 affects Ceph and specifically allows privilege escalation via Native CephFS consumers of OpenStack Manila. An OpenStack Manila user can request access to a share for an arbitrary cephx user; the interface drivers reveal the access key, enabling all users in the requesting project t...