8751 matches found
The vulnerability of the copy_desc_to_mbuf() function in the set of libraries and drivers for fast packet processing in dpdk allows the attacker to cause a service failure.
The vulnerability of the copydesctombuf function, which is part of a set of libraries and drivers for fast packet processing in dpdk, is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
PT-2022-4522 · Mellanox +7 · Mlnx Dpdk +7
Name of the Vulnerable Software and Affected Versions: MLNX DPDK affected versions not specified Description: The issue is related to improper error recovery handling in the network stack, which can allow a remote attacker to cause denial of service and potentially impact data integrity and...
SUSE: Security Advisory (SUSE-SU-2022:2909-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:2914-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DPDK 安全漏洞
DPDK is a data plane development kit for Linux-based platforms. The product supports execution of packet processing on multiple CPU architectures. A security vulnerability exists in DPDK. An attacker exploits the vulnerability to trigger a denial-of-service attack...
Iranian APT’s new data extraction tool Hyperscrape
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Charming Kitten, an Iranian government-backed threat group, has been employing a new data extraction tool, HYPERSCAPE. It has been used to retrieve data from Microsoft Outlook, Yahoo, and Gmail accounts...
Hackers Breach LastPass Developer System to Steal Source Code
Password management service LastPass confirmed a security incident that resulted in the theft of certain source code and technical information. The security breach is said to have occurred two weeks ago, targeting its development environment. No customer data or encrypted passwords were accessed,...
SUSE: Security Advisory (SUSE-SU-2022:2898-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:2899-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-36115
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for unintended functionality. An...
CVE-2022-36115
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for unintended functionality. An...
XSS Vulnerability in the Mobile Library of Beijing Century Super Star Information Technology Development Co.
Mobile Library is a professional mobile reading software specially made for all libraries. There is an XSS vulnerability in Beijing Century Super Star Information Technology Development Limited Liability Company's Mobile Library, which can be exploited by attackers to obtain sensitive information...
Beijing Century Superstar Information Technology Development Co., Ltd.'s Learning Pass suffers from a stored XSS vulnerability
LearningTone is a course learning, knowledge dissemination and management sharing platform built on a microservice architecture. There is a stored XSS vulnerability in Beijing Century Super Star Information Technology Development Limited Liability Company's Learning Pass, which can be exploited b...
Pegasystem PEGA Platform Cross-Site Scripting Vulnerability (CNVD-2023-12002)
Pegasystem PEGA Platform is a suite of application development platforms from Pegasystem UK. The platform is used to develop applications such as BPM business process management, case management, real-time decision making and CRM customer relationship management.Pegasystem Pega Platform suffers...
SUSE: Security Advisory (SUSE-SU-2022:2871-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Pegasystem PEGA Platform Cross-Site Request Forgery Vulnerability
Pegasystem PEGA Platform is a suite of application development platforms from Pegasystem UK. The platform is used to develop applications such as BPM Business Process Management, Case Management, Real-Time Decision Making and CRM Customer Relationship Management.A cross-site request forgery...
The vulnerability of the Azure RTOS GUIX Studio development environment, related to insufficient validation of input data, allows a perpetrator to execute arbitrary code.
The vulnerability of the Azure RTOS GUIX Studio development environment is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
CLSA-2022-1660810242 Fix CVE(s):
Security fixes: - JDK-8148005: One byte may be corrupted by getdatetimestring...
Nordic Semiconductor nRF5 SDK 缓冲区错误漏洞
The Nordic Semiconductor nRF5 SDK is a software development kit from Nordic Semiconductor, Norway. It provides a rich development environment for the nRF51 and nRF52 family of SoCs. A security vulnerability exists in Nordic Semiconductor nRF5 SDK version 5.0, which is caused by a heap overflow...
The vulnerability of the application development environment for ISaGRAF Workbench programmable logic controllers arises from incorrect restrictions on the path name to the restricted access directory. This allows attackers to escalate their privileges.
The vulnerability in the development environment for ISaGRAF Workbench programmable logic controllers is related to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability can allow attackers to enhance their privileges using a specially created...