Polite WiFi loophole could allow attackers to drain device batteries
Researchers at the University of Waterloo in Ontario have further researched a loophole in the WiFi protocol that was dubbed "polite WiFi". Last year the researchers published a study in which they showed someone could use this loophole to triangulate the location of any WiFi enabled device. Now,...
curl security update
An update is available for curl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The curl packages provide the libcurl library and the curl utility for downloadi...
Introducing Experimental Spring Support for Apache Pulsar
We are happy to announce that we are incubating a new experimental Spring project for Apache Pulsar. This project aims to provide Spring-friendly APIs, building blocks, and programming models for writing Java applications that interact with Apache Pulsar. Apache Pulsar is a popular messaging syst...
RLSA-2022:5317 Moderate: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write CVE-2022-29824 For more details about the security issues, including the impact, a CVSS score,...
Important: Red Hat Security Advisory: xmlrpc-c security update
An update for xmlrpc-c is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo...
Intel® Thunderbolt™ non-DCH Driver for Windows Advisory
Summary: A potential security vulnerability in the Intel® Thunderbolt™ non-DCH Declarative Componentized Hardware driver for Windows may allow escalation of privilege. Intel is releasing software updates and prescriptive guidance to mitigate this potential vulnerability. Vulnerability Details:...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
PT-2021-6242 · Mentor Graphics +1 · Nucleus Net +11
Name of the Vulnerable Software and Affected Versions: Capital Embedded AR Classic 431-422 versions all Capital Embedded AR Classic R20-11 versions prior to V2303 PLUSCONTROL 1st Gen versions all SIMOTICS CONNECT 400 versions prior to V0.5.0.0 APOGEE MBC versions all APOGEE MEC versions all APOGE...
Intel® SSD DC Firmware Advisory
Summary: A potential security vulnerability in some Intel® Solid State Drive SSD Data Center DC products may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-0148 Description: Insertion of informatio...
tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data OACK and other options.
...
CVE-2021-38311
In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of service, and excessiv...
Design/Logic Flaw
In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of service, and excessiv...
Important: Red Hat Security Advisory: gupnp security update
An update for gupnp is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: bind security update
An update for bind is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...
TIBCO Security Advisory: March 23, 2021 - TIBCO ActiveSpaces -2021-28824
TIBCO ActiveSpaces Windows Platform Installation vulnerability Original release date: March 23, 2021 Last revised: CVE-2021-28824 Source: TIBCO Software Inc. Products Affected TIBCO ActiveSpaces - Community Edition versions 4.5.0 and below TIBCO ActiveSpaces - Developer Edition versions 4.5.0 and...
TIBCO Security Advisory: March 23, 2021 - TIBCO FTL -2021-28820
TIBCO FTL Windows Platform Artifact Search vulnerability Original release date: March 23, 2021 Last revised: CVE-2021-28820 Source: TIBCO Software Inc. Products Affected TIBCO FTL - Community Edition versions 6.5.0 and below TIBCO FTL - Developer Edition versions 6.5.0 and below TIBCO FTL -...
Important: Red Hat Security Advisory: unbound security update
An update for unbound is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Virtual Airlines Manager 2.6.2 - 'notam' SQL Injection
Exploit Title: Virtual Airlines Manager 2.6.2 - 'notam' SQL Injection Date: 2020-06-07 Exploit Author: Pankaj Kumar Thakur Vendor Homepage: http://virtualairlinesmanager.net/ Dork: inurl:notamid= Affected Version: 2.6.2 Tested on: Ubuntu CVE : N/A Vulnerable parameter -------------------...
About the security content of Xcode 11.4 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...