Intel EPID SDK Input Validation Error Vulnerability

An input validation error vulnerability exists in the Intel EPID SDK that arises from a network system or product that does not properly validate incoming data...

Moderate: Red Hat Security Advisory: rh-nodejs14-nodejs security update

An update for rh-nodejs14-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

JetBrains YouTrack Project Information Disclosure Vulnerability

YouTrack is a keyboard-based issue and project tracking tool from the Czech company JetBrains, primarily used for tracking tasks and defect correction arrangements during development. A project information disclosure vulnerability exists in versions of JetBrains YouTrack prior to 2020.6.1099. No...

CloudBees Jenkins Cross-Site Scripting Vulnerability (CNVD-2021-07539)

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...

Loopholes in the uploading of documents on the rural collective "three capitals" management service platform

Guangzhou Beijia Software Development Co., Ltd. is a national high-tech enterprise specializing in software development and operation and maintenance services for rural property rights management and transfer services also known as three capitals management and trading. There is a file upload...

Jinan Yuxia Information Technology Co., Ltd. website building system suffers from SQL injection vulnerabilities (CNVD-2021-12787)

Jinan Yuxia Information Technology Co., Ltd. to the Internet products and related services as the main direction, is a collection of website construction and network promotion, IDC business, software development, server hosting, telecommunications value-added services and other integrated service...

java-1.8.0-openjdk bug fix and enhancement update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Bug Fixes and Enhancements: Currently, Java applications run with Speculative Store Bypass SSB, CVE-2018-3639 disabled. Disabling SSB results in a performance degradatio...

CVE-2021-2067

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside...

DLL Hijacking Vulnerability in 115 PC Version of Guangdong One One Five Technology Co.

The business scope of Guangdong Yi Yi Wu Technology Co., Ltd. includes: design, development and sales of computer software and hardware; design, release, production and agency of domestic and foreign advertisements; and provision of computerized page production. Ltd. 115 computer version of the D...

SolarWinds: What Hit Us Could Hit Others

New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the companys software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers. Mo...

CVE-2021-1725

Bot Framework SDK Information Disclosure Vulnerability...

PYSEC-2021-422

Bot Framework SDK Information Disclosure Vulnerability...

Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers

We, along with the security industry and our partners, continue to investigate the extent of the Solorigate attack. While investigations are underway, we want to provide the defender community with intelligence to understand the scope, impact, remediation guidance, and product detections and...

The vulnerability in the IBM SDK Java Technology Edition development tools relates to the use of an unreliable search path, allowing a perpetrator to execute arbitrary code.

The vulnerability of the IBM SDK Java Technology Edition development tools is related to the use of an unreliable search path. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Moderate: Red Hat Security Advisory: java-1.7.1-ibm security update

An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

EulerOS 2.0 SP5 : pcp (EulerOS-SA-2020-2557)

According to the versions of the pcp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE...

Virtuozzo 7 : java-1.7.0-openjdk / etc (VZLSA-2019-1839)

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Microsoft Azure DevOps Server Input Validation Error Vulnerability

Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as sharing code, work tracking, and software distribution. A security vulnerability exists in Microsoft Azure DevOps Server. No details of the...

Virtuozzo 7 : java-1.8.0-openjdk / etc (VZLSA-2019-3128)

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Microsoft Azure SDK Security Vulnerability

Microsoft Azure SDK is a code base from Microsoft that supports interaction with programming languages to manage Azure. A security vulnerability exists in Microsoft Azure SDK. The following products and versions are affected:Azure SDK for Java...