CVE-2023-2901 NFine Rapid Development Platform access control

A vulnerability was found in NFine Rapid Development Platform 20230511. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /SystemManage/User/GetGridJson?search=false&nd=1680855479750&rows=50&page=1&sidx=FCreatorTime+desc&sord=asc. The...

CVE-2023-2901 NFine Rapid Development Platform access control

A vulnerability was found in NFine Rapid Development Platform 20230511. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /SystemManage/User/GetGridJson?search=false&nd=1680855479750&rows=50&page=1&sidx=FCreatorTime+desc&sord=asc. The...

CVE-2023-2901

CVE-2023-2901 affects NFine Rapid Development Platform 20230511. The vulnerability exists in an unknown function of the endpoint /SystemManage/User/GetGridJson?... which leads to improper access controls. It is exploitable remotely and, per multiple sources, the exploit has been disclosed publicl...

CVE-2023-2900

A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as problematic. Affected is an unknown function of the file /Login/CheckLogin. The manipulation leads to use of weak hash. It is possible to launch the attack remotely. The complexity of an attack is...

Information disclosure

A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as problematic. Affected is an unknown function of the file /Login/CheckLogin. The manipulation leads to use of weak hash. It is possible to launch the attack remotely. The complexity of an attack is...

CVE-2023-2900 NFine Rapid Development Platform CheckLogin weak hash

A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as problematic. Affected is an unknown function of the file /Login/CheckLogin. The manipulation leads to use of weak hash. It is possible to launch the attack remotely. The complexity of an attack is...

CVE-2023-2900

CVE-2023-2900 affects NFine Rapid Development Platform 20230511. Affected is an unknown function of the file /Login/CheckLogin, where manipulation leads to use of a weak hash. The issue can be exploited remotely; attack complexity is high and exploitability is difficult. Public disclosure has occ...

java-11-openjdk bug fix update

An update is available for java-11-openjdk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-11-openjdk packages provide the OpenJDK 11 Java Runtime...

The vulnerability of the ComponentModel Profile.FromFile() function in the application programming complex of the PLC CODESYS Development System allows a perpetrator to execute arbitrary commands.

The vulnerability of the ComponentModel Profile.FromFile function in the CODESYS Development System application framework is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

Microsoft Build 2023: Announcing new identity, compliance, and security features from Microsoft Security

At Microsoft Build 2023—an event for developers by developers—we’re going to announce exciting new features and technologies, share ideas, and help everyone boost their skills so we can all build a more secure future together. This year’s Microsoft Build offers a full program, both online and...

The vulnerability of the ComponentManager.StartupCultureSettings component of the CODESYS Development System application programming framework allows a attacker to execute arbitrary commands.

The vulnerability of the ComponentManager.StartupCultureSettings component in the CODESYS Development System application development framework is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

The vulnerability of the ExtensionMethods.Clone() function in the application programming complex of the CODESYS Development System allows a perpetrator to execute arbitrary commands.

The vulnerability of the ExtensionMethods.Clone function in the application programming complex of the CODESYS Development System is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary commands using a specially created...

The vulnerability of the application development environment for ISaGRAF programmable logic controllers allows a hacker to disclose protected information.

The vulnerability of the application development environment for ISaGRAF programmable logic controllers is related to the rigid encoding of registration data. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose protected information...

[SECURITY] Fedora 38 Update: qt5-qtbase-5.15.9-3.fc38

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...

Silicon Labs Gecko SDK 安全漏洞

The Silicon Labs Gecko SDK GSDK is an open source library from Silicon Labs. Combines the Silicon Labs Wireless Software Development Kit SDK and the Gecko platform into one integrated package. A security vulnerability exists in Silicon Labs Gecko SDK 4.2.1 and prior versions, which stems from a...

Silicon Labs Gecko SDK 安全漏洞

The Silicon Labs Gecko SDK GSDK is an open source library from Silicon Labs. Combines the Silicon Labs Wireless Software Development Kit SDK and the Gecko platform into one integrated package. A security vulnerability exists in Silicon Labs Gecko SDK v4.2.1 and earlier versions, which stems from ...

SUSE: Security Advisory (SUSE-SU-2023:2225-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Vulnerabilities of ChatGPT-Generated Code

Discover the cybersecurity risks of AI-generated code, learn how to protect your applications, and understand how the rise of ChatGPT is impacting software development...

The vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) for the development environment and management of streaming applications like Apache StreamPark allows a malicious actor to gain access to read, modify, or delete data, thereby increasing their privileges.

The vulnerability of the LDAP protocol implementation in the development environment of Apache StreamPark, a streaming application management system, is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability can allow an attacker operating remotely t...

Fedora: Security Advisory for python-django3 (FEDORA-2023-8f9d949dbc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...