Siemens SIMATIC 安全漏洞

Siemens SIMATIC is a Siemens configuration software. A security vulnerability exists in Siemens SIMATIC that stems from multiple vulnerabilities that allow an attacker to use Independent BIOS Developers via UEFI...

Siemens SIMATIC 安全漏洞

Siemens SIMATIC is a configuration software from Siemens. A security vulnerability exists in Siemens SIMATIC that stems from multiple vulnerabilities that allow an attacker to use Independent BIOS Developers via UEFI...

[SECURITY] Fedora 36 Update: golang-github-aws-lambda-1.26.0-4.fc36

Libraries, samples and tools to help Go developers develop AWS Lambda functions...

Trilium Notes 跨站脚本漏洞

Trilium Notes is a layered notes application for Zadam Personal Developers. It specializes in building large personal knowledge bases. A security vulnerability exists in Trilium Notes that stems from the presence of a cross-site scripting issue...

Malicious Package

Overview elementor.developers is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

Malicious code in elementor.developers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 03a5850e7fe61fda4cb08de93e8f11d4fff13387894f5c200cd8711b5e047a05 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Watch out for the email that says “You have a new voicemail!”

A phishing campaign is using voicemail notification messages to go after victims Office 365 credentials. According to researchers at ZScaler, the campaign uses spoofed emails with an HTML attachment that contains encoded javascript. The email claims that you have a new voicemail and that you can...

Malicious code in material-ui-plugin-theme-provider-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6279e90d49af7dd292e465c05215854f32d03268608c9c61edfea5ce62ee9b64 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

MAL-2022-5066 Malicious code in omm-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9b77b7e73dde625c8bf9d9f21a73f6fd520dbb22c846db32bf17cfdd324c3da9 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

[SECURITY] Fedora 35 Update: python3.6-3.6.15-3.fc35

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

[SECURITY] Fedora 35 Update: python3.8-3.8.13-3.fc35

Python 3.8 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, see other distributions that support it, such as an older Fedora release...

[SECURITY] Fedora 35 Update: python3.9-3.9.13-2.fc35

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

[SECURITY] Fedora 36 Update: python3.6-3.6.15-9.fc36

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

[SECURITY] Fedora 36 Update: python3.7-3.7.13-2.fc36

Python 3.7 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.7, see other distributions that support it, such as an older Fedora release...

[SECURITY] Fedora 36 Update: python3.8-3.8.13-3.fc36

Python 3.8 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, see other distributions that support it, such as an older Fedora release...

[SECURITY] Fedora 36 Update: python3.9-3.9.13-2.fc36

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

Fedora: Security Advisory for python3.9 (FEDORA-2022-0be85556b4)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for python3.6 (FEDORA-2022-4b0dfda810)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

This Week in Spring - June 7th, 2022

Hi, Spring fans! Welcome to another installment of This Week in Spring! Ive just landed in tantalizing Toronto, Canada, for the SpringOne Tour Toronto show. Im so excited to be here, at long last, after so long away from one of my favorite countries. Ill be doing two talks - my usual, Kubernetes...

CVE-2022-1944

When the feature is configured, improper authorization in the Interactive Web Terminal in GitLab CE/EE affecting all versions from 11.3 prior to 14.9.5, 14.10 prior to 14.10.4, and 15.0 prior to 15.0.1 allows users with the Developer role to open terminals on other Developers' running jobs...