A vulnerability in the URLDecoder class implementation in the Java Runtime Environment and the Java Development Kit allows attackers to perform cross-site scripting attacks.
A vulnerability in the URLDecoder class implementation in the Java Runtime Environment and the Java Development Kit for application development is related to the use of single-byte encoding for pages. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
It’s time to bite the bullet for more secure software
On September 14, 2022, the Office of Management and Budget (OMB) released their M-22-18 memorandum on "Enhancing the Security of the Software Supply Chain through Secure Software Development Practices." This document builds upon previous government documents such as Executive Order (EO) 14028...
Defense-in-Depth Updates for Azure Identity libraries and Azure Key Vault libraries within Azure SDK plus Best Practice Implementation Guidance
Summary: Today, Microsoft released new versions of the Azure Key Vault libraries and Azure Identity libraries as part of the Azure Software Development Kit (SDK) that include defense-in-depth feature improvements. We also published best practice guidance to help protect applications and services th...
Guangzhou Bainan Information Technology Co., Ltd. has a logic flaw vulnerability in its large instrument sharing management system
Large-scale instrument sharing management system is a company engaged in the design, development, production and integration services of laboratory information technology products. Guangzhou Bainan Information Technology Co., Ltd. has a logic flaw vulnerability in the large instrument sharing...
SUSE: Security Advisory (SUSE-SU-2022:3306-1)
The remote host is missing an update for the...
Software supply chain security is coming of age
Coalfire's first Securealities Software Supply Chain Risk Report revealed dramatic budget increases for enterprise security in general and a growing demand for more testing, training, and process improvements in the battle to defend digital assets. But perhaps the most significant takeaway from th...
Meet Prachi Shah, Senior Service Architect
Senior Service Architect Prachi Shah discusses how customer feedback plays a crucial role in product development at Akamai...
Hackers Had Access to LastPass's Development Systems for Four Days
Password management solution LastPass shared more details pertaining to the security incident last month, disclosing that the threat actor had access to its systems for a four-day period in August 2022. "There is no evidence of any threat actor activity beyond the established timeline," LastPass...
CVE-2022-3222
Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV...
SUSE: Security Advisory (SUSE-SU-2022:3271-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2022:3269-1)
The remote host is missing an update for the...
How a Principal Engineer Made His Journey to Cloud Security With Rapid7
The first programming language I learned in my childhood was Pascal. I was 12 years old at the time, and I quickly developed a passion for technology. From a young age, I always knew I wanted to learn engineering and computer science. I wanted to solve big design and architecture problems while...
dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service
A vulnerability was found in the DPDK package. Affected versions of this package are vulnerable to denial of service (DoS) attacks, affecting system availability...
USN-5608-1 dpdk vulnerability
It was discovered that DPDK incorrectly handled certain Vhost headers. A remote attacker could possibly use this issue to cause a denial of service...
[SECURITY] Fedora 36 Update: ImageMagick-6.9.12.62-1.fc36
ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed wor...
Planning Go 1.20 Cryptography Work
As you might know, I left Google in spring to try and make the concept of a professional Open Source maintainer a thing. I'm staying on as a maintainer of the Go cryptography standard library, and I am going to seek funding from companies that rely on it, want to ensure its security and reliabilit...