1221 matches found
xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...
xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...
xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...
CVE-2022-36660
xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pcivtrndnotify...
xhyve buffer error vulnerability
xhyve is a lightweight OS X virtualization solution open-sourced by machyve. A security vulnerability exists in xhyve commit dfbe09b that stems from a stack buffer overflow in its pcivtrndnotify component...
PT-2022-23532 · Xhyve · Xhyve
Name of the Vulnerable Software and Affected Versions: xhyve version dfbe09b Description: A stack buffer overflow issue was discovered in the pci vtrnd notify component. Recommendations: For xhyve version dfbe09b, consider disabling the pci vtrnd notify function as a temporary workaround until a...
CVE-2022-0084
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...
UBUNTU-CVE-2022-0084
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...
CVE-2022-36992
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary...
CVE-2022-36992
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary...
Design/Logic Flaw
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary...
GHSA-8XWJ-2WGH-GPRH Lack of authentication mechanism in Jenkins Git Plugin webhook
Git Plugin provides a webhook endpoint at /git/notifyCommit that can be used to notify Jenkins of changes to an SCM repository. For its most basic functionality, this endpoint receives a repository URL, and Jenkins will schedule polling for all jobs configured with the specified repository. In Gi...
PT-2022-4716 · Jenkins · Jenkins Git Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Git Plugin versions 4.11.3 and earlier Description: A missing permission check in the Jenkins Git Plugin allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause th...
PT-2022-4996 · Jenkins · Jenkins Git Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Git Plugin versions 4.11.3 and earlier Description: A cross-site request forgery (CSRF) vulnerability exists due to insufficient authentication of requests. This allows attackers to trigger builds of jobs configured to use an...
xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...
alottbetter.dk Cross Site Scripting vulnerability OBB-2693150
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Malicious code in voicemail-notify (npm)
Source: ghsa-malware (46d8ff03edbc056b7f8c7c354d3d1a17c931e507fbc773cc6f7f815278b868e3). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6961 Malicious code in voicemail-notify (npm)
Source: ghsa-malware (46d8ff03edbc056b7f8c7c354d3d1a17c931e507fbc773cc6f7f815278b868e3). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ct-notify (npm)
Source: ghsa-malware (6bbead255c862ca6aa0274a954c23e2d2feae939b0a7d245d0d0201236edeb7e). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2269 Malicious code in ct-notify (npm)
Source: ghsa-malware (6bbead255c862ca6aa0274a954c23e2d2feae939b0a7d245d0d0201236edeb7e). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...