OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

Atlassian Jira 授权问题漏洞

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. Atlassian Jira suffers from an authorization issue vulnerability that can be exploited by an attacker to bypass authentication b...

FIS GT.M数字错误漏洞

FIS GT.M is a database platform. A security vulnerability exists in FIS GT.M versions prior to V7.0-000, which stems from a lack of input validation when calling ebdiv in srport/ebmuldiv.c. An attacker can exploit the vulnerability to crash the application by performing a divide by zero...

CVE-2021-46740

The device authentication service module has a defect vulnerability introduced in the design process.Successful exploitation of this vulnerability may affect data confidentiality...

CVE-2021-46740

The device authentication service module has a defect vulnerability introduced in the design process.Successful exploitation of this vulnerability may affect data confidentiality...

CVE-2021-46740

The device authentication service module has a defect vulnerability introduced in the design process.Successful exploitation of this vulnerability may affect data confidentiality...

AZL-9143 CVE-2018-25032 affecting package zlib for versions less than 1.2.12-1

zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...

Security Bulletin: Data masking rules are not enforced when CREATE TABLE AS SELECT statement is executed in IBM Big SQL

Summary A software defect in IBM Big SQL prevents data masking rules to be enforced when a user executes CREATE TABLE AS SELECT … WITH DATA statement. The newly created table contains unmasked data. Vulnerability Details CVEID:CVE-2022-22353 DESCRIPTION: IBM Big SQL could allow an authenticated...

Atlassian Jira Cross-Site Scripting Vulnerability (CNVD-2022-17776)

Atlassian Jira is a defect tracking management system from Atlassian Australia. Atlassian Jira has a cross-site scripting vulnerability that can be exploited to inject arbitrary HTML or JavaScript...

The vulnerability of the logback logging library, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code.

The vulnerability of the logback logging library is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

Siemens SIMATIC S7-300 CPU Improper Input Validation (CVE-2018-16561)

A vulnerability has been identified in SIMATIC S7-300 CPUs All versions V3.X.16. The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart. Successful exploitation requires an...

Siemens SIMATIC S7-1200 CPU Family Denial of Service (CVE-2013-0700)

Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service defect-mode transition and control outage via crafted packets to TCP port 102 aka the ISO-TSAP port. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mo...

Atlassian Jira Information Disclosure Vulnerability (CNVD-2022-05436)

Atlassian Jira is a defect tracking management system from Atlassian Australia. The Atlassian Jira Server is vulnerable to an information disclosure vulnerability that results from configuration and other errors in the operation of a networked system or product. An authenticated remote attacker c...

CVE-2021-40006

Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality...

Atlassian Jira Remote Code Execution Vulnerability

Atlassian Jira is a defect tracking management system from Atlassian Australia. Atlassian Jira is vulnerable to a remote code execution vulnerability that originates when a networked system or product does not properly validate incoming data. An attacker could use this vulnerability to execute...

Atlassian Jira Access Control Error Vulnerability (CNVD-2022-05438)

Atlassian Jira is a defect tracking management system from Atlassian Australia. An access control error vulnerability exists in Atlassian Jira Server and Data Center due to an interruption access control vulnerability in /secure/EditSubscription.jspa, which can be exploited by a remote,...

openjpeg2 security update

2.4.0-4 - Fix Covscan defect 2.4.0-3 - Fix CVE-2021-3575 1969279 - Fix resource leak identified by Covscan 2.4.0-2 - Fix CVE-2021-29338 1951332 2.4.0-1 - Rebase to 2.4.0 - Resolves: CVE-2018-5727 1538467 - Resolves: CVE-2018-5785 1538556 - Resolves: CVE-2018-20845 1730679 - Resolves: CVE-2018-208...

[SECURITY] [DLA 2807-1] bind9 security update

Debian LTS Advisory DLA-2807-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 01, 2021 https://wiki.debian.org/LTS Package : bind9 Version : 1:9.10.3.dfsg.P4-12.3+deb9u10 CVE ID : CVE-2018-5740 CVE-2021-25219 Debian Bug : 905743 CVE-2021-25219 Kishore...

CVE-2021-22407

There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2021-22405

Technical details for CVE-2021-22405 are not provided in the connected documents; no specifics on affected products, root cause, impact, or remediation are available. Monitor for updates.