OpenJDK: potential UTF8 size overflow (8314794)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0....

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security vulnerability that stems from a competitive condition issue found in the DevTools module. No details of the vulnerability are provided at this time...

KingH5Stream of Beijing Asian Control Technology Development Co. Ltd. suffers from a logic flaw vulnerability (CNVD-2024-35270)

Beijing Asian Control Technology Development Co., Ltd. is a high-tech enterprise founded in 1997 as a software platform for industrial automation and informatization. A logic flaw vulnerability exists in KingH5Stream of Beijing Asian Control Technology Development Co. Ltd, which can be exploited ...

CVE-2024-39819

Integrity check in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access...

CVE-2024-27241

Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a denial of service via network access...

CVE-2024-27238

Race condition in the installer for some Zoom Apps and SDKs for Windows before version 6.0.0 may allow an authenticated user to conduct a privilege escalation via local access...

Microsoft Security Update Validation Report July 2024

Microsoft’s July 2024 security updates have passed Citrix testing the updates are listed below. The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing software...

The vulnerability of the Azure Kinect SDK development software package, related to numerical truncation errors, allows a hacker to execute arbitrary code.

The vulnerability of the Azure Kinect SDK development software package for sensor development is related to numerical truncation errors. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

Zoom Meeting SDK and Zoom Workplace Path Traversal Vulnerability

Zoom Meeting SDK and Zoom Workplace are both products of Zoom, Inc.Zoom Meeting SDK is a development kit. Enables your company to accelerate the development and build of fully customizable video-based applications by leveraging the performance, scale, and reliability of Zoom's industry-leading...

Microsoft .NET Core and Visual Studio Denial of Service Vulnerability

Microsoft .NET Core and Microsoft Visual Studio are both products of Microsoft Corporation USA. NET Core is a free and open source development platform. NET Core is a free, open source development platform that features multi-language support and cross-platform capabilities.Microsoft Visual Studi...

SUSE: Security Advisory (SUSE-SU-2024:2361-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:2371-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in several Azure components. The vulnerabilities allow a malicious party to impersonate another user, gain elevated privileges and potentially execute arbitrary code. Some of the vulnerabilities are in development tooling and are not readily accessible to...

Developing and prioritizing a detection engineering backlog based on MITRE ATT&CK

Detection is a traditional type of cybersecurity control, along with blocking, adjustment, administrative and other controls. Whereas before 2015 teams asked themselves what it was that they were supposed to detect, as MITRE ATT&CK evolved, SOCs were presented with practically unlimited space for...

Important: Red Hat Security Advisory: edk2 security update

An update for edk2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Microsoft Azure Security Vulnerabilities

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from Microsoft Corporation USA. A security vulnerability exists in the Microsoft Azure Kinect SDK. An attacker exploiting the vulnerability could remotely execute code...

PT-2024-5107 · Zoom · Zoom

Name of the Vulnerable Software and Affected Versions: Zoom affected versions not specified Description: The issue is related to insufficient input validation in some Zoom Apps and SDKs, which may allow an authenticated user to conduct a denial of service via network access. This could potentiall...

Realtek AP-Router SDK Security Vulnerability

Realtek AP-Router SDK is a software package for wireless chipsets from Realtek Semiconductor Realtek, a Chinese company. A security vulnerability exists in the Realtek AP-Router SDK that originates from a stack-based buffer overflow vulnerability in the boa setRadvdPrefixParam function, which can...

SUSE: Security Advisory (SUSE-SU-2024:2298-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:2288-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...