
8745 matches found

NVD
added 2024/07/26 5:15 p.m., 33 views

CVE-2024-26520

An issue in Hangzhou Xiongwei Technology Development Co., Ltd. Restaurant Digital Comprehensive Management platform v1 allows an attacker to bypass authentication and perform arbitrary password resets...

CVSS 9.8 | EPSS 0.0051
Exploits: 0 | References: 1
OSV
added 2024/07/26 6:15 a.m., 2 views

DEBIAN-CVE-2024-40897

A stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked into processing a specially crafted file with the affected ORC compiler, arbitrary code may be executed on the developer's build environment. This may lead to compromise of...

CVSS 6.7 | AI score 7.5 | EPSS 0.00379
Exploits: 0 | References: 1
Cvelist
added 2024/07/26 12:00 a.m., 15 views

CVE-2024-26520

An issue in Hangzhou Xiongwei Technology Development Co., Ltd. Restaurant Digital Comprehensive Management platform v1 allows an attacker to bypass authentication and perform arbitrary password resets...

EPSS 0.0051
Exploits: 0 | References: 1
RedHat Linux
added 2024/07/23 4:35 p.m., 4 views

edk2: Use of a Weak PseudoRandom Number Generator

A security flaw has been identified in the cryptographic system of EDK2, the open-source reference implementation of the UEFI specification. This vulnerability enables an unauthorized remote attacker to potentially expose sensitive information...

CVSS 7.5 | AI score 7.3 | EPSS 0.00986
Exploits: 0 | References: 6
OpenVAS
added 2024/07/23 12:00 a.m., 15 views

SUSE: Security Advisory (SUSE-SU-2024:2589-1)

The remote host is missing an update for the...

CVSS 6.5 | AI score 6.7 | EPSS 0.00299
Exploits: 0 | References: 4
OSV
added 2024/07/22 2:10 p.m., 20 views

CVE-2024-39902 Tuleap's recursive permissions to document manager folder are not properly applied

Tuleap is an open source suite to improve management of software developments and collaboration. Prior to Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8, the checkbox "Apply same permissions to all sub-items of this folder" in the document manager permissio...

CVSS 4.8 | AI score 6.8 | EPSS 0.00293
Exploits: 0 | References: 6
Fedora
added 2024/07/19 2:22 a.m., 31 views

[SECURITY] Fedora 39 Update: python-django4.2-4.2.14-1.fc39

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...

CVSS 9.8 | AI score 7.3 | EPSS 0.28637
Exploits: 0
Fedora
added 2024/07/19 2:22 a.m., 30 views

[SECURITY] Fedora 39 Update: python-django-4.2.14-2.fc39

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...

CVSS 9.8 | AI score 7.3 | EPSS 0.28637
Exploits: 0
Fedora
added 2024/07/19 1:46 a.m., 31 views

[SECURITY] Fedora 40 Update: python-django-4.2.14-2.fc40

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...

CVSS 9.8 | AI score 7.3 | EPSS 0.28637
Exploits: 0
Tenable Nessus
added 2024/07/19 12:00 a.m., 102 views

Oracle E-Business Suite (July 2024 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Vulnerability in the Oracle Trading Community product of Oracle E-Business Suite (component: Party Search UI). Supported versions that are...

CVSS 8.1 | AI score 7.6 | EPSS 0.004
Exploits: 0 | References: 12
Redos
added 2024/07/19 12:00 a.m., 24 views

ROS-20240719-04

A vulnerability in the Microsoft .NET software platform and the Microsoft Visual Studio software development tool is a use-after-free (use of memory after it has been released). Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability...

CVSS 8.1 | AI score 6.7 | EPSS 0.02915
Exploits: 0
BDU FSTEC
added 2024/07/19 12:00 a.m., 4 views

A vulnerability in the Outside In Core component of Oracle’s software development kit (SDK) allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability in the Outside In Core component of Oracle’s software development toolset (SDK) exists due to insufficient validation of input data. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and availability of protected information...

CVSS 5.3 | AI score 6.7 | EPSS 0.0032
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2024/07/19 12:00 a.m., 4 views

A vulnerability in the Outside In Core component of Oracle’s software development kit (SDK) allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability in the Outside In Core component of Oracle’s software development kit (SDK) exists due to insufficient validation of input data. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and availability of protected information...

CVSS 5.3 | AI score 6.7 | EPSS 0.00188
Exploits: 0 | References: 3 | Affected Software: 1
RedHat Linux
added 2024/07/18 5:11 p.m., 81 views

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.15.0 release

Red Hat OpenShift Dev Spaces 3.15 has been released. All containers have been updated to include feature enhancements, bug fixes and CVE fixes. Following the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System...

CVSS 8.8 | AI score 7.2 | EPSS 0.99999
Exploits: 24 | References: 13
RedHat Linux
added 2024/07/18 4:38 p.m., 26 views

Important: Red Hat Security Advisory: qt5-qtbase security update

An update for qt5-qtbase is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

CVSS 8.6 | AI score 7.3 | EPSS 0.00494
Exploits: 0 | References: 2
Wiz blog
added 2024/07/18 2:47 p.m., 12 views

Your control tower to secure code across GitHub, GitLab, and Azure Repos

Secure your code and the entire development pipeline with the Wiz Security Graph, comprehensive configuration checks, and advanced code scanning...

AI score 7.4
Exploits: 0
AlmaLinux
added 2024/07/18 12:00 a.m., 26 views

Important: qt5-qtbase security update

Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qtbase: qtbase: Delay any communication until encrypted can be responded to (CVE-2024-39936). For more details about the security issues,...

CVSS 8.6 | AI score 6.9 | EPSS 0.00494
Exploits: 0 | References: 4
BDU FSTEC
added 2024/07/17 12:00 a.m., 3 views

The vulnerability of the JT Open Toolkit (JTTK) and PLM XML SDK development tools arises from the possibility of an operation exceeding the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the JT Open Toolkit (JTTK) and PLM XML SDK development tools is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created malicious XML file...

CVSS 7.8 | AI score 8 | EPSS 0.0017
Exploits: 0 | References: 4 | Affected Software: 2
OSV
added 2024/07/17 12:00 a.m., 53 views

ALSA-2024:4563 Important: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: RangeCheckElimination array index overflow (8323231) (CVE-2024-21147); OpenJDK: potential UTF8 size overflow (8314794) (CVE-2024-21131); OpenJDK: Excessiv...

CVSS 7.4 | AI score 6.9 | EPSS 0.01257
Exploits: 0 | References: 15
RedHat Linux
added 2024/07/16 10:08 p.m., 6 views

OpenJDK: Out-of-bounds access in 2D image handling (8324559)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1;...

CVSS 4.8 | AI score 7.4 | EPSS 0.00864
Exploits: 0 | References: 4