Always-Incorrect Control Flow Implementation

Overview Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation in the EqualsUri function. An attacker can cause incorrect URI comparisons by supplying specially crafted input values. Remediation A fix was pushed into the master branch but not yet...

Always-Incorrect Control Flow Implementation

Overview Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to the misinterpretation of the PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms configuration, which causes unintended ECDSA algorithms to be accepted. An attacker can compromise...

Security Bulletin: Vulnerability in requests affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-35195]

Summary The requests package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2024-35195 Vulnerability Details CVEID:CVE-2024-35195 DESCRIPTION: Psf Requests could allow a local authenticated attacker to bypass security...

EUVD-2024-28069

Malicious code in bioql PyPI...

Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to python - requests

Summary IBM Sterling Connect:Direct Web Service uses python - requests , python-requests could allow a remote attacker to obtain sensitive information, caused by the leaking of Proxy-Authorization headers to destination servers during redirects to an HTTPS origin. Vulnerability Details...

Intel QAT 安全漏洞

The Intel QAT Engine for OpenSSL software is an open source software plug-in designed to accelerate OpenSSL cryptographic operations with Intel Quick Assist Technology QAT hardware. A control flow management deficiency vulnerability exists in Intel QAT Engine for OpenSSL software, which can be...

CVE-2024-30133 HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability

HCL Traveler for Microsoft Outlook HTMO is susceptible to a control flow vulnerability. The application does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways...

HCL Traveler 安全漏洞

HCL Traveler is a software from HCL Corporation, USA. used to provide automatic, bi-directional, wireless synchronization between HCL Domino servers and wireless handheld devices. A security vulnerability exists in HCL Traveler versions prior to 3.0.11 that stems from susceptibility to a control...

Intel Ethernet Adapters and Intel Ethernet Controller I225 Manageability firmware security vulnerability

Intel Ethernet Adapters and Intel Ethernet Controllers are products of Intel Corporation, USA. Intel Ethernet Adapters are Ethernet adapters. Intel Ethernet Controllers are Ethernet controllers. Intel Ethernet Adapters and Intel Ethernet Controllers are products of Intel Corporation. A security...

SUSE-SU-2022:0502-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220207 release. - CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege bsc1192615 - CVE-2021-0127: Intel Processor Breakpoint Control Flow...