Lucene search
K

2259 matches found

OSV
OSV
added 2022/10/17 7:0 a.m.28 views

RLSA-2022:6964 Important: nodejs:16 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16. Security Fixes: nodejs: weak randomness in WebCrypto keygen CVE-2022-35255 nodej...

8.2CVSS8.6AI score0.02587EPSS
Exploits2References3
CNNVD
CNNVD
added 2022/10/14 12:0 a.m.4 views

Autodesk FBX-SDK 资源管理错误漏洞

Autodesk FBX-SDK is a C++ software development platform and API toolkit from Autodesk, Inc. that is primarily used to convert existing content to FBX format. A security vulnerability exists in Autodesk FBX-SDK version 2020 and prior versions, which originates from the possibility that a user coul...

7.8CVSS8.1AI score0.00351EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/10/05 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:3499-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.02198EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/10/03 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2022:3475-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.6AI score0.00269EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/10/03 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2022:3483-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS8.3AI score0.0199EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/28 12:0 a.m.3 views

Matrix 授权问题漏洞

Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. A security vulnerability exists in the Matrix Javascript SDK prior to version 19.7.0, which stems from a lack of required checks in matrix-js-sdk...

8.6CVSS7.9AI score0.00865EPSS
Exploits0References12
OpenVAS
OpenVAS
added 2022/09/28 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2022:3428-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.8AI score0.00561EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/09/27 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2022:3381-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS8.3AI score0.01772EPSS
Exploits1References4
Spring Security Advisories
Spring Security Advisories
added 2022/09/23 7:0 a.m.18 views

My SpringOne 2022

It has taken me an embarrassingly long time to appreciate and understand that the devil is in the details regarding software development. Writing happy-path business logic isnt the hard part! Its the failure cases, observability, resilience, and process. Its security and other so-called...

0.7AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2022/09/20 6:14 p.m.13 views

It’s time to bite the bullet for more secure software

On September 14, 2022, the Office of Management and Budget OMB released their M-22-18 memorandum on "Enhancing the Security of the Software Supply Chain through Secure Software Development Practices." This document builds upon previous government documents such as Executive Order EO 14028...

2.1AI score
Exploits0
MSRC
MSRC
added 2022/09/20 7:0 a.m.7 views

Defense-in-Depth Updates for Azure Identity libraries and Azure Key Vault libraries within Azure SDK plus Best Practice Implementation Guidance

Summary Today, Microsoft released new versions of the Azure Key Vault libraries and Azure Identity libraries as part of the Azure Software Development Kit SDK that includes defense-in-depth feature improvements. We also published best practice guidance to help protect applications and services th...

7.3AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2022/09/19 6:22 p.m.11 views

Software supply chain security is coming of age

Coalfires first Securealities Software Supply Chain Risk Report revealed dramatic budget increases for enterprise security in general and a growing demand for more testing, training, and process improvements in the battle to defend digital assets. But perhaps the most significant takeaway from th...

0.8AI score
Exploits0
OpenVAS
OpenVAS
added 2022/09/15 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2022:3269-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8CVSS7.4AI score0.0152EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2022/09/09 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2022:3208-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.8AI score0.00989EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/09/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2022:3193-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8CVSS7.4AI score0.0152EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/09/08 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2022:3138-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS7.3AI score0.00365EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/09/08 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2022:3160-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.3CVSS4.8AI score0.00808EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/09/05 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2022:3007-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.5AI score0.00905EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/09/05 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2022:3016-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.7AI score0.01102EPSS
Exploits0References4
Imperva Blog
Imperva Blog
added 2022/08/30 1:23 p.m.19 views

How to Support Agile Development Through Cybersecurity Best Practices

Understanding other peoples problems It’s often said that people only notice cybersecurity when it fails, or when it gets in the way of them doing their jobs. Organizations, and especially software development teams, want to be able to develop quickly and easily to stay ahead of their competition...

0.1AI score
Exploits0
Rows per page
Query Builder