Buffer overflow
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
CVE-2021-35572
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
Oracle Outside In Technology Denial of Service Vulnerability (CNVD-2021-81796)
Oracle Outside In Technology is a software development kit (SDK) that provides developers with a comprehensive solution for extracting, normalizing, cleaning, converting, and viewing content in more than 600 unstructured file formats. A denial of service vulnerability in the Outside In Filters...
Oracle Outside In Technology Denial of Service Vulnerability
Oracle Outside In Technology is a software development kit (SDK) that provides developers with a comprehensive solution for extracting, normalizing, cleaning, converting, and viewing content in more than 600 unstructured file formats. A denial of service vulnerability in the Outside In Filters...
Oracle Outside In Technology Denial of Service Vulnerability (CNVD-2021-81800)
Oracle Outside In Technology is a software development kit (SDK) that provides developers with a comprehensive solution for extracting, normalizing, cleaning, converting, and viewing content in more than 600 unstructured file formats. A denial of service vulnerability in the Outside In Filters...
CVE-2021-41155
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not properly sanitize user inputs when constructing the SQL query to browse and search revisions in the CVS repositories. The following versions contain the fix:...
CVE-2021-41154
Tuleap SQL injection (CVE-2021-41154) affects the SVN core commits browser and allows an attacker with read access to an SVN core repository to execute arbitrary SQL queries. Affected products/versions include Tuleap Community Edition 11.17.99.144, Tuleap Enterprise Edition 11.17-5, and Tuleap Ent...
CVE-2021-41155 SQL injection in CVS revisions browser
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not properly sanitize user inputs when constructing the SQL query to browse and search revisions in the CVS repositories. The following versions contain the fix:...
CVE-2021-41155
CVE-2021-41155 affects Tuleap: SQL injection in the CVS revisions browser due to improper input sanitization. The versions containing the fix are Tuleap Community Edition 11.17.99.146, Tuleap Enterprise Edition 11.17-5, and Tuleap Enterprise Edition 11.16-7. The vulnerability arises when constructing SQL queries ...
Mandating a Zero-Trust Approach for Software Supply Chains
In the wake of the SolarWinds attack last year, President Biden issued an executive order in May advocating for mandatory software bills of materials, or SBOMs, to increase software transparency and counter supply-chain attacks. For reference, SBOMs are machine-readable documents that provide a...
The vulnerability of Adobe Flash Player, Adobe Integrated Runtime (AIR), Adobe AIR SDK, and Adobe AIR SDK & Compiler lies in the possibility of an out-of-buffer operation, allowing attackers to execute arbitrary code or cause service failures.
The vulnerabilities of Adobe Flash Player, Adobe Integrated Runtime (AIR), Adobe AIR SDK, and Adobe AIR SDK & Compiler are related to the execution of operations beyond the buffer boundaries. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code or cause service failur...
SUSE: Security Advisory (SUSE-SU-2021:3333-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2021:3296-1)
The remote host is missing an update for the...
Oppo Android Phone with Qualcomm Chipset Security Vulnerability
Oppo Android Phone with Qualcomm Chipset is an Android phone with Qualcomm chipset from Chinese company Oppo. Oppo Android Phone with Qualcomm Chipset suffers from a security vulnerability that stems from a third-party SDK that provides the ability to load third-party Providers...
SUSE: Security Advisory (SUSE-SU-2021:3214-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2021:3125-1)
The remote host is missing an update for the...
“FudCo” Spam Empire Tied to Pakistani Software Firm
In May 2015, KrebsOnSecurity briefly profiled "The Manipulaters," the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. Six years later, a review of the social media...
SUSE: Security Advisory (SUSE-SU-2021:2944-1)
The remote host is missing an update for the...
DEBIAN-CVE-2021-36055
XMP Toolkit SDK versions 2020.1 and earlier are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...