Lucene search

8745 matches found

NVD
added 2024/12/09 7:15 p.m. · 16 views

CVE-2024-52599

Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 16.1.99.50 and Tuleap Enterprise Edition prior to versions 16.1-4 and 16.0-7, a malicious user with the ability to create an artifact in a tracker with a...

CVSS: 5.4 · EPSS: 0.00307
Exploits: 1 · References: 4
Vulnrichment
added 2024/12/09 6:41 p.m. · 16 views

CVE-2024-52599 Tuleap vulnerable to XSS in the Gantt chart of the tracker plugin

Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 16.1.99.50 and Tuleap Enterprise Edition prior to versions 16.1-4 and 16.0-7, a malicious user with the ability to create an artifact in a tracker with a...

CVSS: 5.4 · AI score: 7.3 · EPSS: 0.00307
Exploits: 1 · References: 4
Wiz blog
added 2024/12/09 12:0 p.m. · 9 views

Authorized Agility: Wiz adds Code Security in the FedRAMP offering (Wiz for Gov)

Wiz is excited to announce the addition of Wiz Code into our Wiz for Gov offering, enabling organizations to visualize attack paths from cloud-to-code and bring guardrails into the software development lifecycle...

AI score: 7.4
Exploits: 0
HackRead
added 2024/12/05 5:32 p.m. · 12 views

The Future of eCommerce: How Custom Apps Help You Get Ahead of the Competition

Discover the future of eCommerce with bespoke app development. Learn how tailored solutions enhance user experience, security, and performance while empowering businesses to meet unique needs and gain a competitive edge...

AI score: 7.4
Exploits: 0
SUSE Linux
added 2024/12/05 2:3 p.m. · 12 views

Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u432 icedtea-3.33.0: - CVE-2024-21208: Fixed partial DoS in component Networking bsc1231702, JDK-8328286 - CVE-2024-21210: Fixed unauthorized update, insert or delete access to some of Oracle Java SE accessible data...

CVSS: 6.3 · AI score: 5.8 · EPSS: 0.01157
Exploits: 0 · References: 16
OSV
added 2024/12/02 5:26 p.m. · 0 views

GHSA-9R9M-FFP6-9X4V vue-i18n has cross-site scripting vulnerability with prototype pollution

Vulnerability type: XSS. Description: vue-i18n can be passed locale messages to createI18n or useI18n. We can then translate them using t and $t. vue-i18n has its own syntax for local messages, and uses a message compiler to generate AST. In order to maximize the performance of the translation...

CVSS: 5.3 · AI score: 5.9 · EPSS: 0.00647
Exploits: 0 · References: 5
The Hacker News
added 2024/12/02 2:11 p.m. · 6 views

A Guide to Securing AI App Development: Join This Cybersecurity Webinar

Artificial Intelligence (AI) is no longer a far-off dream—it's here, changing the way we live. From ordering coffee to diagnosing diseases, it's everywhere. But while you're creating the next big AI-powered app, hackers are already figuring out ways to break it. Every AI app is an opportunity—and a...

AI score: 7.3
Exploits: 0
BDU FSTEC
added 2024/12/02 12:0 a.m. · 3 views

The vulnerability in the set of development libraries for Intel Distribution for GDB relates to the improper use of standard permissions, allowing attackers to increase their privileges.

The vulnerability in the set of development libraries for Intel Distribution for GDB is related to the improper use of standard permissions. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVSS: 7.8 · AI score: 5.5 · EPSS: 0.00131
Exploits: 0 · References: 5 · Affected Software: 2
BDU FSTEC
added 2024/12/02 12:0 a.m. · 3 views

The vulnerability of the application development library set for Intel Distribution for GDB, related to insufficient validation of input data, allows a perpetrator to trigger a service failure.

The vulnerability in the set of development libraries for Intel Distribution for GDB is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

CVSS: 3.3 · AI score: 5.5 · EPSS: 0.00132
Exploits: 0 · References: 5 · Affected Software: 2
Cvelist
added 2024/11/29 6:32 p.m. · 19 views

CVE-2024-52809 Cross-site Scripting vulnerability with prototype pollution in vue-i18n

vue-i18n is an internationalization plugin for Vue.js. In affected versions vue-i18n can be passed locale messages to createI18n or useI18n. When locale message ASTs are generated in development mode there is a possibility of Cross-site Scripting attack. This issue has been addressed in versions...

CVSS: 5.3 · EPSS: 0.00647
Exploits: 0 · References: 3
HackRead
added 2024/11/29 3:32 p.m. · 10 views

How Python Software Development Enhances Cyber Defense

Python has emerged as a powerful ally in combating rising cybersecurity threats and tracking cybercrime through tools leveraging…

AI score: 7.3
Exploits: 0
CNVD
added 2024/11/29 12:0 a.m. · 3 views

Denial of Service Vulnerability in XunRuiCMS of Sichuan Xunruiyun Software Development Co.

XunRuiCMS is a content management framework based on CodeIgniter4. Sichuan XunRuiCloud Software Development Co., Ltd. XunRuiCMS has a denial-of-service vulnerability that can be exploited by an attacker to cause the contents of a file to be emptied, resulting in a denial of service...

AI score: 7
Exploits: 0
CNNVD
added 2024/11/29 12:0 a.m. · 2 views

vue-i18n cross-site scripting vulnerability

vue-i18n is an application from intlify open source. A cross-site scripting vulnerability exists in vue-i18n, which stems from the fact that vue-i18n can pass locale information to createI18n or useI18n. When generating a locale information AST in development mode, this could lead to a cross-site...

CVSS: 5.3 · AI score: 5.7 · EPSS: 0.00647
Exploits: 0 · References: 3
Positive Technologies
added 2024/11/29 12:0 a.m. · 3 views

PT-2024-35457 · Vue-I18N · Vue-I18N

Name of the Vulnerable Software and Affected Versions: vue-i18n versions prior to 9.14.2; vue-i18n versions prior to 10.0.5. Description: The issue concerns a Cross-site Scripting (XSS) attack possibility in vue-i18n, an internationalization plugin for Vue.js. This occurs when locale message ASTs are...

CVSS: 5.3 · AI score: 6.5 · EPSS: 0.00647
Exploits: 0 · References: 10
RedHat Linux
added 2024/11/25 7:44 p.m. · 35 views

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.17.0 release

Red Hat OpenShift Dev Spaces 3.17 has been released. All containers have been updated to include feature enhancements, bug fixes and CVE fixes. This includes fixes to Critical CVE-2024-21534. Following the Red Hat Product Security standards this update is rated as having a security impact of...

CVSS: 10 · AI score: 7.1 · EPSS: 0.09076
Exploits: 7 · References: 10
Cvelist
added 2024/11/25 7:15 p.m. · 33 views

CVE-2024-53261 Cross-Site Scripting attack (XSS) on dev mode 404 page in SvelteKit

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. "Unsanitized input from the request URL flows into end, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS)." The files...

CVSS: 2 · EPSS: 0.00321
Exploits: 0 · References: 2
Github Security Blog
added 2024/11/25 3:33 p.m. · 16 views

@sveltejs/kit vulnerable to XSS on dev mode 404 page

Summary: "Unsanitized input from the request URL flows into end, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS)." Details: Source of potentially tainted data is in packages/kit/src/exports/vite/dev/index.js, line 437. This...

CVSS: 5.4 · AI score: 5.1 · EPSS: 0.00321
Exploits: 0 · References: 6 · Affected Software: 1
OSV
added 2024/11/25 3:33 p.m. · 11 views

GHSA-RJJV-87MX-6X3H @sveltejs/kit vulnerable to XSS on dev mode 404 page

Summary: "Unsanitized input from the request URL flows into end, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS)." Details: Source of potentially tainted data is in packages/kit/src/exports/vite/dev/index.js, line 437. This...

AI score: 5.1 · EPSS: 0.00321
Exploits: 0 · References: 6
Positive Technologies
added 2024/11/25 12:0 a.m. · 5 views

PT-2024-35699 · Sveltekit · Sveltekit

Name of the Vulnerable Software and Affected Versions: SvelteKit versions prior to 2.8.3. Description: Unsanitized input from the request URL flows into end, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS). The files...

CVSS: 2 · AI score: 6 · EPSS: 0.00321
Exploits: 0 · References: 9
HackRead
added 2024/11/23 5:0 p.m. · 9 views

Why New York is a Prime Location for Leading Mobile Development Agencies

New York, the city that never sleeps, is renowned as a global epicentre for innovation, creativity, and business…

AI score: 7.4
Exploits: 0