The vulnerability of Adobe Dimension’s 3D design software relates to reading data beyond the buffer in memory, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of Adobe Dimension’s 3D design software relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created GLB file...

PT-2024-2697 · Intel · Intel Binary Configuration Tool

Name of the Vulnerable Software and Affected Versions: Intel Binary Configuration Tool versions prior to 3.4.4 Description: The issue is related to an uncontrolled search path in the Intel Binary Configuration Tool software. This may allow an authenticated user to potentially enable escalation of...

Microsoft Azure File Sync Agent Installed (Windows)

Binary data microsoftazurefilesyncagentwininstalled.nbin...

Intel® Binary Configuration Tool Software Advisory

Summary: A potential security vulnerability in some Intel® Binary Configuration Tool software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-24591 Description: Uncontrolled search path in some...

openssh security update

An update is available for openssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSH is an SSH protocol implementation supported by a number of Linux, UNI...

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

Safari < 14.0 Multiple Vulnerabilities

Binary data 701462.pasl...

Hands-on Review: Myrror Security Code-Aware and Attack-Aware SCA

Introduction The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors. To meet industry requirements, organizations must maintain a fast-paced development process while staying up-to-date with the latest...

CKEditor Detection via CDN

Binary data cksourceckeditorcdndetect.nbin...

Delta Electronics DIAEnergie Hard-coded JWT Key (CVE-2022-3214)

Binary data deltaelectronicsdiaenergiecve-2022-3214.nbin...

HCL BigFix Server Installed (Windows)

Binary data hclbigfixserverwininstalled.nbin...

CVE-2023-32479

Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by...

Ivanti Policy Secure 9.x / 22.x SSRF-RCE Chain (CVE-2024-21893)

Binary data ivantipsssrfrceCVE-2024-21893.nbin...

Ivanti Policy Secure 9.x / 22.x SSRF (CVE-2024-21893)

Binary data ivantipsCVE-2024-21893.nbin...

Ivanti Connect Secure 9.x / 22.x SSRF-RCE Chain (CVE-2024-21893)

Binary data ivanticsssrfrceCVE-2024-21893.nbin...

Ivanti Connect Secure 9.x / 22.x SSRF (CVE-2024-21893)

Binary data ivanticsCVE-2024-21893.nbin...

The vulnerability of the GoGoReleaser binary file extraction tool, related to the disclosure of information through registration files, allows a hacker to disclose the protected information.

The vulnerability of the GoGoReleaser binary file collection relates to the disclosure of information through registration files. Exploiting this vulnerability can allow an attacker to disclose the protected information...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bouncycastle, jsch (SUSE-SU-2024:0327-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0327-1 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

GHSA-6845-XW22-FFXV Vyper sha3 codegen bug

Summary There is an error in the stack management when compiling the IR for sha364. Concretely, the height variable is miscalculated. The vulnerability can't be triggered without writing the IR by hand. That is, it cannot be triggered from regular vyper code, it can only be triggered by using the...

Vyper sha3 codegen bug

Summary There is an error in the stack management when compiling the IR for sha364. Concretely, the height variable is miscalculated. The vulnerability can't be triggered without writing the IR by hand. That is, it cannot be triggered from regular vyper code, it can only be triggered by using the...