SUSE: Security Advisory (SUSE-SU-2014:1577-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2014:0541-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Bova NetDragon Information Security All-in-One Machine has a Logic Flaw Vulnerability

Ltd. is a high-tech enterprise mainly engaged in software product development, information security product development, and computer system integration and information security services as a whole. A logic flaw vulnerability exists in the Bohua NetDragon Information Security All-in-One Computer,...

Accusoft ImageGear buffer overflow vulnerability (CNVD-2021-40854)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. ImageGear 19.9 suffers from a buffer overflow vulnerability that stems from the fact that an attacker can exploit the vulnerability by being able to supply a malicious file to trigger the vulnerability. ...

Accusoft ImageGear Input Validation Error Vulnerability (CNVD-2021-41085)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. oft ImageGear 19.9 suffers from an input validation error vulnerability that stems from a specially crafted malformed file that could result in a stack-based buffer overflow. No detailed vulnerability...

Security Bulletin: A vulnerability in the GSKit component of Client Software Development Kit (CSDK) (CVE-2016-0201)

Summary A vulnerability has been addressed in the GSKit, component of Informix Client Software Development Kit CSDK Vulnerability Details CVEID: CVE-2016-0201 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a MD5 collision. An attacker could exploit...

CloudBees Jenkins Markdown Formatter Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...

Weak Password Vulnerability in C-Lodop Print Services System

Ltd. is a company whose main business is software development; information technology consulting services; information system integration services; wholesale of computers, software and auxiliary equipment; retail of computers, software and auxiliary equipment, etc. A weak password vulnerability...

SQL Injection Vulnerability in Enterprise Standardized Management System of R&S Information Technology (Shanghai) Co.

R&S Information Technology Shanghai Co., Ltd. is a high-tech company specializing in software development and information services. A SQL injection vulnerability exists in the Enterprise Standardized Management System of R&S Information Technology Shanghai Co. An attacker can exploit the...

Arbitrary File Read Vulnerability in Library Cluster Management System of Guangzhou Tutron Computer Software Development Co. Ltd (CNVD-2021-39129)

Guangzhou Tutron Computer Software Development Co., Ltd. is a high-tech enterprise integrating product development, application integration and customer service. There is an arbitrary file read vulnerability in the Library Cluster Management System of Guangzhou Tutron Computer Software Developmen...

java-1.8.0-openjdk bug fix and enhancement update

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime...

java-1.8.0-openjdk bug fix and enhancement update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Bug Fixes and Enhancements: Prepare for the next quarterly OpenJDK upstream release 2021-04, 8u292 almalinux-8 BZ1942308 EMBARGOED java-1.8.0-openjdk: JDK: Oracle CPU...

java-11-openjdk bug fix and enhancement update

An update is available for java-11-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-11-openjdk packages provide the OpenJDK 11 Java Runtime...

java-11-openjdk bug fix and enhancement update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fixes and Enhancements: Prepare for the next quarterly OpenJDK upstream release 2021-04, 11.0.11 almalinux-8 BZ1942311 java-11-openjdk: JDK: Oracle CPU 2021-04 BZ1943...

new module: swig:4.0

The simplified wrapper and interface generator SWIG is a software development utility to connect C, C++, and Objective C programs with a variety of high-level programming languages. SWIG is used to create high-level interpreted programming environments, systems integration, and as a utility for...

Unauthorized Access Vulnerability in Tianshui Ruiyang Website Management System

Founded in 2011, Gansu Ruiyang Technology Co., Ltd. is a software research and development and data service provider, dedicated to providing comprehensive digital solutions for every user. Unauthorized access vulnerability exists in Tianshui Ruiyang Website Management System, which can be exploit...

CVE-2021-22673

The affected product is vulnerable to stack-based buffer overflow while processing over-the-air firmware updates from the CDN server, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK...

SUSE SLES12 Security Update : avahi (SUSE-SU-2021:1494-1)

This update for avahi fixes the following issues : CVE-2021-3468: avoid infinite loop by handling HUP event in clientwork bsc1184521. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...

Benefits of Building a Multi-prong Mousetrap for WAF Policies with ML

The reason behind buying a market-leading Web Application Firewall WAF is to protect your website and web applications from malicious attacks, plus complying with industry or regional data and privacy standards. In addition to the typical OWASP Top 10 vulnerabilities, WAFs need to address a litan...

Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial Devices

Security researchers at Microsoft are warning the industry about 25 as-yet undocumented critical memory-allocation vulnerabilities across a number of vendors’ IoT and industrial devices that threat actors could exploit to execute malicious code across a network or cause an entire system to crash...