
8752 matches found

BDU FSTEC
added 2022/09/21 12:00 a.m., 4 views

The vulnerability of the URLDecoder class implementation in the Java Runtime Environment and the Java Development Kit application development tools allows attackers to perform cross-site scripting attacks.

The vulnerability of the URLDecoder class implementation in the Java Runtime Environment and the Java Development Kit for application development is related to the use of single-byte encoding for pages. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

CVSS 6.4, AI score 6.6, EPSS 0.12018
Exploits: 0, References: 6, Affected Software: 4
The Coalfire Blog
added 2022/09/20 6:14 p.m., 13 views

It’s time to bite the bullet for more secure software

On September 14, 2022, the Office of Management and Budget (OMB) released their M-22-18 memorandum on "Enhancing the Security of the Software Supply Chain through Secure Software Development Practices." This document builds upon previous government documents such as Executive Order (EO) 14028...

AI score 2.1
Exploits: 0
MSRC
added 2022/09/20 7:00 a.m., 7 views

Defense-in-Depth Updates for Azure Identity libraries and Azure Key Vault libraries within Azure SDK plus Best Practice Implementation Guidance

Summary: Today, Microsoft released new versions of the Azure Key Vault libraries and Azure Identity libraries as part of the Azure Software Development Kit (SDK) that includes defense-in-depth feature improvements. We also published best practice guidance to help protect applications and services th...

AI score 7.3
Exploits: 0
CNVD
added 2022/09/20 12:00 a.m., 8 views

Guangzhou Bainan Information Technology Co., Ltd. has a flawed logic vulnerability in its large instrument sharing management system

Large-scale instrument sharing management system is a company engaged in the design, development, production and integration services of laboratory information technology products. Guangzhou Bainan Information Technology Co., Ltd. has a logic flaw vulnerability in the large instrument sharing...

AI score 1.6
Exploits: 0
OpenVAS
added 2022/09/20 12:00 a.m., 26 views

SUSE: Security Advisory (SUSE-SU-2022:3306-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8, AI score 7.8, EPSS 0.00367
Exploits: 0, References: 2
The Coalfire Blog
added 2022/09/19 6:22 p.m., 11 views

Software supply chain security is coming of age

Coalfire's first Securealities Software Supply Chain Risk Report revealed dramatic budget increases for enterprise security in general and a growing demand for more testing, training, and process improvements in the battle to defend digital assets. But perhaps the most significant takeaway from th...

AI score 0.8
Exploits: 0
Akamai Blog
added 2022/09/19 1:00 p.m., 22 views

Meet Prachi Shah, Senior Service Architect

Senior Service Architect Prachi Shah discusses how customer feedback plays a crucial role in product development at Akamai...

AI score 2.4
Exploits: 0
The Hacker News
added 2022/09/17 2:47 a.m., 45 views

Hackers Had Access to LastPass's Development Systems for Four Days

Password management solution LastPass shared more details pertaining to the security incident last month, disclosing that the threat actor had access to its systems for a four-day period in August 2022. "There is no evidence of any threat actor activity beyond the established timeline," LastPass...

AI score 0.2
Exploits: 0
ATTACKERKB
added 2022/09/15 9:15 a.m., 3 views

CVE-2022-3222

Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV...

CVSS 5.5, AI score 6.7, EPSS 0.00628
Exploits: 1, References: 4
OpenVAS
added 2022/09/15 12:00 a.m., 18 views

SUSE: Security Advisory (SUSE-SU-2022:3271-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.9, AI score 6.2, EPSS 0.02359
Exploits: 0, References: 2
OpenVAS
added 2022/09/15 12:00 a.m., 17 views

SUSE: Security Advisory (SUSE-SU-2022:3269-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8, AI score 7.4, EPSS 0.0152
Exploits: 0, References: 8
Rapid7 Blog
added 2022/09/13 6:50 p.m., 16 views

How a Principal Engineer Made His Journey to Cloud Security With Rapid7

The first programming language I learned in my childhood was Pascal. I was 12 years old at the time, and I quickly developed a passion for technology. From a young age, I always knew I wanted to learn engineering and computer science. I wanted to solve big design and architecture problems while...

AI score 7.2
Exploits: 0
RedHat Linux
added 2022/09/13 6:25 p.m., 3 views

dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service

A vulnerability was found in the DPDK package. Affected versions of this package are vulnerable to denial of service (DoS) attacks, affecting system availability...

CVSS 8.6, AI score 7.1, EPSS 0.01812
Exploits: 0, References: 4
RedHat Linux
added 2022/09/13 6:25 p.m., 3 views

dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service

A vulnerability was found in the DPDK package. Affected versions of this package are vulnerable to denial of service (DoS) attacks, affecting system availability...

CVSS 8.6, AI score 7.1, EPSS 0.01812
Exploits: 0, References: 4
RedHat Linux
added 2022/09/13 6:25 p.m., 4 views

dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service

A vulnerability was found in the DPDK package. Affected versions of this package are vulnerable to denial of service (DoS) attacks, affecting system availability...

CVSS 8.6, AI score 7.1, EPSS 0.01812
Exploits: 0, References: 4
RedHat Linux
added 2022/09/13 6:25 p.m., 3 views

dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service

A vulnerability was found in the DPDK package. Affected versions of this package are vulnerable to denial of service (DoS) attacks, affecting system availability...

CVSS 8.6, AI score 7.1, EPSS 0.01812
Exploits: 0, References: 4
RedHat Linux
added 2022/09/13 6:18 p.m., 6 views

dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service

A vulnerability was found in the DPDK package. Affected versions of this package are vulnerable to denial of service (DoS) attacks, affecting system availability...

CVSS 8.6, AI score 7.1, EPSS 0.01812
Exploits: 0, References: 4
OSV
added 2022/09/13 4:44 p.m., 1 views

USN-5608-1 dpdk vulnerability

It was discovered that DPDK incorrectly handled certain Vhost headers. A remote attacker could possibly use this issue to cause a denial of service...

CVSS 8.6, AI score 7.1, EPSS 0.01812
Exploits: 1, References: 2
Fedora
added 2022/09/13 1:30 a.m., 46 views

[SECURITY] Fedora 36 Update: ImageMagick-6.9.12.62-1.fc36

ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed wor...

CVSS 3.3, AI score 0.8, EPSS 0.00447
Exploits: 1
Filippo.io
added 2022/09/12 9:37 p.m., 38 views

Planning Go 1.20 Cryptography Work

As you might know, I left Google in spring to try and make the concept of a professional Open Source maintainer a thing. I'm staying on as a maintainer of the Go cryptography standard library, and I am going to seek funding from companies that rely on it, want to ensure its security and reliabilit...

AI score 6.9
Exploits: 0