PT-2020-10459 · Heartland & Global Payments · Heartland & Global Payments Php Sdk

Name of the Vulnerable Software and Affected Versions: Heartland & Global Payments PHP SDK versions prior to 2.0.0 Description: The issue concerns the failure to enforce SSL certificate validations in the Gateways/Gateway.php file. This could potentially lead to security risks, as it may allow fo...

CVE-2019-17519

The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for KW41Z devices does not properly restrict the Link Layer payload length, allowing attackers in radio range to cause a buffer overflow via a crafted packet...

CVE-2019-19196

The Bluetooth Low Energy Secure Manager Protocol SMP implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices accepts a pairing request with a key size greater than 16 bytes, allowing an...

Introducing Microsoft Application Inspector

Modern software development practices often involve building applications from hundreds of existing components, whether they’re written by another team in your organization, an external vendor, or someone in the open source community. Reuse has great benefits, including time-to-market, quality, a...

EulerOS 2.0 SP2 : java-1.8.0-openjdk (EulerOS-SA-2019-2374)

According to the version of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.Security...

Autodesk FBX Software Development Kit Buffer Overflow Vulnerability

Autodesk FBX Software Development Kit is a software development kit SDK for working with FBX format files from Autodesk USA. A buffer overflow vulnerability exists in the Autodesk FBX Software Development Kit. The vulnerability originates when a networked system or product performs an operation i...

Explained: What is containerization?

Containerization. Another one of those tech buzzwords folks love to say but often have no idea what it means. A better way to organize children's toys? The act of bringing tupperware out to dinner to safely transport home leftovers? Another name for Russian dolls? Containerization is, of course,...

CVE-2019-7366

Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system...

CVE-2019-7366

Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system...

RUSTSEC-2019-0031 spin is no longer actively maintained

The author of the spin crate does not have time or interest to maintain it. Consider the following alternatives all of which support nostd: - conquer-once - lockapi a subproject of parkinglot - spinningtop spinlock crate built on lockapi - spinning...

A New Playground for Cybercrime: Why Supply Chain Security Must Cover Software Development

Most organisations see supply chains as providers of physical goods and services. The supply chain management function in these companies usually provides the governance framework to reduce third-party risks and prevent hackers from stealing data, disrupting daily operations and affecting busines...

The vulnerability of Intel Remote Displays SDK’s remote screens involves permission processing errors, allowing attackers to escalate their privileges.

The vulnerability of Intel Remote Displays SDK’s remote screens involves permission processing errors. Exploiting this vulnerability can allow attackers to enhance their privileges...

SQL Injection Vulnerability in Library Bibliographic Search System op***.php Page

Jiangsu Huiwen Software Co., Ltd. is a company specializing in information management system software development, sales. A SQL injection vulnerability exists in the library bibliographic retrieval system op.php page, which can be exploited by attackers to obtain sensitive information from the...

SUSE SLED12 / SLES12 Security Update : bzip2 (SUSE-SU-2019:2013-1)

This update for bzip2 fixes the following issues : Fixed a regression with the fix for CVE-2019-12900, which caused incompatibilities with files that used many selectors bsc1139083. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...

IBM SDK, Java Technology Edition Privilege Vulnerability

IBM SDK, Java Technology Edition is a software development kit for Java application development from IBM, USA. An elevation of privilege vulnerability exists in IBM SDK, Java Technology Edition for AIX-based platforms, which can be exploited by a local attacker to inject code and elevate privileg...

Moderate: Red Hat Security Advisory: java-1.7.0-openjdk security update

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

PT-2022-8603 · Unknown +2 · Platinum Upnp Sdk +2

Name of the Vulnerable Software and Affected Versions: Platinum Upnp SDK versions prior to 1.2.1 Description: The issue allows for a directory traversal attack, which could be exploited by sending a malicious URL, such as "http://ip:port/../privacy.avi", to compromise a victim's privacy. This cou...

CVE-2019-8998

CVE-2019-8998 affects BlackBerry QNX Software Development Platform up to version 6.5.0 SP1. The procfs (/proc) service exposes process information, enabling a less-privileged local attacker to access a target process address space (information disclosure leading to local privilege escalation). Se...

The vulnerability of the Intel Data Center Manager SDK, related to access control deficiencies, allows a perpetrator to disclose protected information.

The vulnerability of the Intel Data Center Manager SDK development tools is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is protected by these tools...

The vulnerability in the Intel Data Center Manager SDK toolset, related to key management errors, allows a hacker to disclose sensitive information that is protected by the software.

The vulnerability of the Intel Data Center Manager SDK development tools is related to key management errors. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by these tools...