Acuant AsureID Sentinel 日志信息泄露漏洞

Acuant AsureID Sentinel is an automated solution for authentication and file certification from Acuant USA. A security vulnerability exists in Acuant AsureID Sentinel. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor announcement...

PT-2023-15625 · Acuant · Acuant Asureid Sentinel

Name of the Vulnerable Software and Affected Versions: Acuant AsureID Sentinel versions prior to 5.2.149 Description: An issue was discovered where the software uses the root of the C: drive for the i-Dentify and Sentinel Installer log files. Recommendations: For versions prior to 5.2.149, update...

CVE-2022-48228

An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It uses the root of the C: drive for the i-Dentify and Sentinel Installer log files, aka CORE-7362...

CVE-2022-48227

An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It allows elevation of privileges because it opens Notepad after the installation of AssureID, Identify x64, and Identify x86, aka CORE-7361...

CVE-2022-48227

An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It allows elevation of privileges because it opens Notepad after the installation of AssureID, Identify x64, and Identify x86, aka CORE-7361...

CVE-2022-48228

An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It uses the root of the C: drive for the i-Dentify and Sentinel Installer log files, aka CORE-7362...

PT-2023-15624 · Acuant +1 · Acuant Asureid Sentinel +1

Name of the Vulnerable Software and Affected Versions: Acuant AsureID Sentinel versions prior to 5.2.149 Description: An issue was discovered that allows elevation of privileges because it opens Notepad after the installation of AssureID, Identify x64, and Identify x86. Recommendations: For...

Microsoft Introduces GPT-4 AI-Powered Security Copilot Tool to Empower Defenders

Microsoft on Tuesday unveiled Security Copilot in limited preview, marking its continued quest to embed AI-oriented features in an attempt to offer "end-to-end defense at machine speed and scale." Powered by OpenAI's GPT-4 generative AI and its own security-specific model, it's billed as a securi...

Microsoft Introduces GPT-4 AI-Powered Security Copilot Tool to Empower Defenders

Microsoft on Tuesday unveiled Security Copilot in limited preview, marking its continued quest to embed AI-oriented features in an attempt to offer "end-to-end defense at machine speed and scale." Powered by OpenAI's GPT-4 generative AI and its own security-specific model, it's billed as a securi...

Microsoft Secure: Explore innovations transforming the future of security

Building a more secure future requires an end-to-end approach. There is no question that technology plays an essential role, but security will always be human-centered. That’s what Microsoft Secure is all about. It’s about sharing knowledge, best practices, and technology innovations that empower...

SUSE-SU-2023:0694-1 Security update for redis

This update for redis fixes the following issues: - CVE-2022-36021: Fixed integer overflow in RANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands bsc1208790. - CVE-2023-25155: Fixed integer Overflow in RAND commands can lead to assertion bsc1208793. The following non-security bug was fixed: - Fixed...

Intel® Quartus® Advisory

Summary: Potential security vulnerabilities in Intel® Quartus® Prime Pro and Standard Editions may allow escalation of privilege, denial of service, or information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID:...

cc.jweb:jweb-adai (>=1.0.2 <=1.0.6), cc.jweb:jweb-boot (>=1.0.2 <=1.0.5) +102 more potentially affected by CVE-2023-23638 via org.apache.dubbo:dubbo (>=2.7.0 <=2.7.21)

org.apache.dubbo:dubbo MAVEN version =2.7.0, =1.0.2, =1.0.2, =1.2.1, =1.28.0, =2.0.0.RELEASE, =2.0.0.RELEASE, =2.0.0.RELEASE, =2.0.0.RELEASE, =2.0.0.RELEASE, =0.0.1, =2.2.7.RELEASE, =1.0.3, =1.0.3, =1.5.1, =2.0.1, =2.0.11 and more Source cves: CVE-2023-23638 Source advisory: OSV:GHSA-933G-V89R-X8...

SEC cyber risk management rule—a security and compliance opportunity

In my practice as a Microsoft Global Black Belt, I focus on the technical and business enablement aspects of protecting organizations from cyber threats with tools like Microsoft 365 Defender, Microsoft Purview and Microsoft Sentinel. In my role as a board member for another publicly traded...

SUSE CVE-2014-3460

Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted pathname...

SUSE CVE-2020-6613

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bitsearchsentinel in bits.c...

SUSE CVE-2020-21840

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bitsearchsentinel ../../src/bits.c:1985...

SUSE CVE-2021-32762

Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis librar...

GitLab Enterprise Edition和GitLab Community Edition安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab CE/EE versions 11.8 through 15.5.7 prior, 15...

​​Microsoft Entra: 5 identity priorities for 2023

Welcome to 2023. After the pandemic upended how we work, learn, play, and manage our lives, we find ourselves more connected than ever, with more convenient access to an ever-wider range of online tools and experiences. But as our global digital footprint continues to grow, so does the risk of...