Intel AMT SDK Security Vulnerability

Intel AMT SDK is an IntelR development kit for providing basic development capabilities for Active Management Technology AMT. A security vulnerability exists in IntelR AMT and IntelR Standard Manageability that originates from incorrect input validation. An attacker could exploit the vulnerabilit...

Intel RealSense ID Security Vulnerability

Intel RealSense ID is a facial recognition solution from Intel Corporation USA that relies on its RealSense depth sensing technology. A security vulnerability exists in IntelR RealSenseTM SDKs prior to version 0.25.0 that stems from incorrect default permissions. An attacker could exploit the...

CVE-2023-40014 OpenZeppelin Contracts's ERC2771Context with custom forwarder may lead to zero-valued _msgSender

OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 4.0.0 and prior to version 4.9.3, contracts using ERC2771Context along with a custom trusted forwarder may see msgSender return address0 in calls that originate from the forwarder with calldata shorter...

Siemens Solid Edge Out-of-Bounds Read Vulnerability (CNVD-2023-62034)

Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. Siemens Solid Edge suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context ...

Siemens Solid Edge Out-of-Bounds Write Vulnerability (CNVD-2023-62031)

Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. Siemens Solid Edge suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute code in the context...

Siemens Solid Edge Out-of-Bounds Write Vulnerability (CNVD-2023-62039)

Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. Siemens Solid Edge suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute code in the context...

Siemens Solid Edge Out-of-Bounds Read Vulnerability (CNVD-2023-62037)

Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. Siemens Solid Edge suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context ...

Siemens Solid Edge Out-of-Bounds Read Vulnerability (CNVD-2023-62033)

Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. Siemens Solid Edge suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context ...

SUSE: Security Advisory (SUSE-SU-2023:3239-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:3232-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: nodejs:18 security, bug fix, and enhancement update

An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Zoom Client Security Vulnerability

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability exists in the Zoom Client SDK prior to version 5.14.10 that stems from an improper input validation issue...

Zoom Client Security Vulnerability

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability exists in the Zoom Client SDK prior to version 5.15.5 that stems from an issue with the exposure of sensitive information...

The vulnerability of the CODESYS Development System, a programming platform for applications, stems from insufficient verification of data authenticity. This allows attackers to modify the content of notifications received via HTTP from the CODESYS notification server.

The vulnerability of the CODESYS Development System, a programming platform for applications, is related to insufficient verification of data authenticity. Exploiting this vulnerability could allow an attacker to modify the content of notifications received through HTTP from the CODESYS...

The vulnerability of the IBM SDK Java Technology Edition development tools is related to deficiencies in the deserialization mechanism, allowing attackers to execute arbitrary code.

The vulnerability of the IBM SDK Java Technology Edition development tools is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service 2 GB transient heap usage per read in uncommon situations involving JsonNode JDK serialization...

IMDShift - Automates Migration Process Of Workloads To IMDSv2 To Avoid SSRF Attacks

AWS workloads that rely on the metadata endpoint are vulnerable to Server-Side Request Forgery SSRF attacks. IMDShift automates the migration process of all workloads to IMDSv2 with extensive capabilities, which implements enhanced security measures to protect against these attacks. Features...

Cloudflare Wrangler directory traversal vulnerability

Impact The Wrangler command line tool [email protected] or [email protected] was affected by a directory traversal vulnerability when running a local development server for Pages wrangler pages dev command. This vulnerability enabled an attacker in the same network as the victim to connect to the...

GHSA-8C93-4HCH-XGXP Cloudflare Wrangler directory traversal vulnerability

Impact The Wrangler command line tool [email protected] or [email protected] was affected by a directory traversal vulnerability when running a local development server for Pages wrangler pages dev command. This vulnerability enabled an attacker in the same network as the victim to connect to the...

CVE-2023-3348

The Wrangler command line tool [email protected] or [email protected] was affected by a directory traversal vulnerability when running a local development server for Pages wrangler pages dev command. This vulnerability enabled an attacker in the same network as the victim to connect to the local...