Astra Linux - уязвимость в firefox, thunderbird

When attempting to load a cross-origin resource in an audio/video context, a decoding error may occur. The details of that error may contain information related to the resource. This vulnerability affects Firefox versions earlier than 86, Thunderbird versions earlier than 78.8, and Firefox ESR...

[SECURITY] Fedora 42 Update: rust-below-0.9.0-6.fc42

below is an interactive tool to view and record historical system data. It has support for: - information regarding hardware resource utilization - viewing the cgroup hierarchy - cgroup and process information - pressure stall information PSI - record mode to record system data - replay mode to...

EUVD-2016-5493

Malware in sbrugna...

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the embed feature. An attacker can access unpublished or private resource data by inferring the slug or URL of the resource that can be embedded. Note: This is only exploitable if the resource allows embedding a...

GHSA-V3RG-QM46-XRG9 Path traversal in flaskcode

An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a POST request to a /update-resource-data/ URI from views.py, allows attackers to write to arbitrary files...

Directory traversal

An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a POST request to a /update-resource-data/ URI from views.py, allows attackers to write to arbitrary files...

PT-2024-14506 · Flaskcode · Flaskcode

Name of the Vulnerable Software and Affected Versions: flaskcode versions through 0.0.8 Description: An issue was discovered that allows for unauthenticated directory traversal, which can be exploited with a POST request to the "/update-resource-data/" API endpoint. This enables attackers to writ...

A Look at Our Development Process of the Cloud Resource Enrichment API

In today's ever-evolving cybersecurity landscape, detecting and responding to cyber threats is paramount for organizations in cloud environments. At the same time, investigating cyber threat alerts can be arduous due to the time-consuming and complex process of data collection. To tackle this pai...

Sealos 安全漏洞

Sealos is a cloud operating system designed for managing cloud-native applications. A security vulnerability exists in Sealos 4.2.0 and prior versions that stems from a privilege flaw where the billing interface can expose resource information...

CVE-2023-21508

Out-of-bounds Write vulnerability while processing BCTUICMDSENDRESOURCEDATA command in bctui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code...

CVE-2023-21507

Out-of-bounds Read vulnerability while processing BCTUICMDSENDRESOURCEDATAARRAY command in bctui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory...

SAMSUNG Blockchain Keystore 缓冲区错误漏洞

SAMSUNG Blockchain Keystore is Samsung's system tool for creating, storing, managing, and backing up private keys. A security vulnerability exists in SAMSUNG Blockchain Keystore versions prior to 1.3.12.1, which stems from an out-of-bounds read vulnerability when processing the...

PYSEC-2021-467

TensorFlow is an end-to-end open source platform for machine learning. Calling tf.rawops.ImmutableConsthttps://www.tensorflow.org/apidocs/python/tf/rawops/ImmutableConst with a dtype of tf.resource or tf.variant results in a segfault in the implementation as code assumes that the tensor contents...

PYSEC-2021-665

TensorFlow is an end-to-end open source platform for machine learning. Calling tf.rawops.ImmutableConsthttps://www.tensorflow.org/apidocs/python/tf/rawops/ImmutableConst with a dtype of tf.resource or tf.variant results in a segfault in the implementation as code assumes that the tensor contents...

CVE-2020-12248

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled...

Heap overflow

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled...

CVE-2020-12248

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled...

Resource Data Management Intuitive 650 TDB控制器权限提升漏洞

No description provided by source...

CVE-2016-4505

Resource Data Management RDM Intuitive 650 TDB Controller devices before 2.1.24 allow remote authenticated users to modify arbitrary passwords via unspecified vectors...

Code injection

Resource Data Management RDM Intuitive 650 TDB Controller devices before 2.1.24 allow remote authenticated users to modify arbitrary passwords via unspecified vectors...