Loan Management System 跨站脚本漏洞

Loan Management System is a loan management system by razormist individual developers. A security vulnerability exists in SourceCodester Loan Management System version 1.0, which stems from a cross-site scripting XSS vulnerability...

Augmented Software Engineering in an AI Era

Artificial Intelligence AI has been making waves in many industries, and software engineering is no exception. AI has the potential to revolutionize the way software is developed, tested, and maintained, bringing a new level of automation and efficiency to the field. However, with this...

Fedora: Security Advisory for python-cryptography (FEDORA-2023-672f668f51)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: python-cryptography-36.0.0-4.fc36

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers...

Fedora 38 : python-cryptography (2023-749dd47c79)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-749dd47c79 advisory. Security fix for CVE-2023-23931 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected...

Fedora 36 : python-cryptography (2023-672f668f51)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-672f668f51 advisory. Security fix for CVE-2023-23931 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected...

[SECURITY] Fedora 37 Update: python-cryptography-37.0.2-5.fc37

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers...

MAL-2023-8033 Malicious code in pagseguro-utils-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx f7a3386fd85bb30de547429241a02add188cf0bcb06352f465f9a5f403408db6 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

MAL-2023-7994 Malicious code in @pagseguro/axios-instance (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a465c79cb8dc5ed82a72b242444916efda5a4f4db9bdd4a28c24b6a7994d350b Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

MAL-2023-7997 Malicious code in @pagseguro/ps-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 492467e28bf1b4fe156c5a01fadd9b075b419bc9dc92fb95a8048b523d16cbf0 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

MAL-2023-8005 Malicious code in @pagseguro/psit (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx f457656c2832e3e2ff9b65393c92d66d57185e7ea476dad7353464501b34d055 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

MAL-2023-8006 Malicious code in @pagseguro/stylelint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a77a0e8f023eb828ca6897ba36220e030972b11f244c8f48c031c928e5342367 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

MAL-2023-7998 Malicious code in @pagseguro/ps-cart-recovery (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx d346211619464a6ebd3e0d7ec8ea2f1eea16c76edd0f48bab81b5640c0ee16b5 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

Mozilla: Memory safety bugs fixed in Firefox ESR 102.8

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Philipp and Gabriele Svelto reported memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

MAL-2023-560 Malicious code in kuna-chart-header (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7b6783077178ab41482bc0e611e487453d9b0254e1e1ad5684b89472b002b2b4 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

MAL-2023-448 Malicious code in flow-faucet (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0cff9be7c9c3ff28671b9dcf41cf2da25e5f96e860a1c0a8e6d0be715487071b Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

SUSE CVE-2017-4969

The Cloud Controller in Cloud Foundry cf-release versions prior to v255 allows authenticated developer users to exceed memory and disk quotas for tasks...

SUSE CVE-2020-26969

Mozilla developers reported memory safety bugs present in Firefox 82. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 83...

SUSE CVE-2022-29918

Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

CVE-2023-23931 Cipher.update_into can corrupt memory in pyca cryptography

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...