SAP NetWeaver Development Infrastructure跨站脚本漏洞

SAP NetWeaver Development Infrastructure is an SAP company that provides a consistent development environment, development teams, and support for software development throughout the product lifecycle. A cross-site scripting vulnerability exists in SAP NetWeaver Development Infrastructure, which c...

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a hacker to trigger a service failure.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK set is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to trigger a service failure using the HTTP protocol...

PT-2022-2970 · Intel +9 · Sgx Psw +12

Name of the Vulnerable Software and Affected Versions: IntelR Processors affected versions not specified Description: The issue is related to incomplete cleanup in specific special register write operations, which may allow an authenticated user to potentially enable information disclosure via...

Security as a differentiator: How to market the secure customer experience

Leveraging software development lifecycle security as a go-to-market differentiator is imperative in setting companies apart from competitors. As Coalfires Cloud Advisory Board and my colleague Gail Coury eloquently pointed out in our recent Securealities Report, Smartest Path to DevSecOps...

CVE-2022-24896

CVE-2022-24896 affects Tuleap versions prior to 13.7.99.239. The vulnerability stems from improper authorization checks when displaying content in the Tracker Report Renderer and Chart widgets, allowing an attacker to disclose the name of trackers and the fields used in reports. Impact is informa...

[SECURITY] Fedora 36 Update: qt5-qtbase-5.15.3-2.fc36

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...

SUSE: Security Advisory (SUSE-SU-2022:1891-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: nodejs:16 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: npm: npm ci succeeds when package-lock.json doesn't match package.json CVE-2021-43616 For more details about the security issues, including the...

SUSE: Security Advisory (SUSE-SU-2022:1869-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:1836-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:1833-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:1771-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:1764-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:1758-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

U.S. Warns Against North Korean Hackers Posing as IT Freelancers

Highly skilled software and mobile app developers from the Democratic People's Republic of Korea DPRK are posing as "non-DPRK nationals" in hopes of landing freelance employment in an attempt to enable the regime's malicious cyber intrusions. That's according to a joint advisory from the U.S...

SUSE: Security Advisory (SUSE-SU-2022:1714-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: java-17-openjdk security update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

SUSE: Security Advisory (SUSE-SU-2022:1695-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS: Security Advisory for java (CESA-2022:1487)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2020-22985

Cross-Site Scripting XSS vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task...