8751 matches found
libxml2 security update
An update is available for libxml2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...
Espressif ESP-IDF Memory Corruption Vulnerability
Espressif ESP-IDF is an IoT development framework from China Lexin Information Technology Espressif.A memory corruption vulnerability exists in Espressif ESP-IDF, which stems from not checking the SegN field of the Transaction Start PDU, and can be exploited by an attacker during configuration to...
Design/Logic Flaw
HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served ...
CVE-2022-31081
HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served ...
CVE-2022-31081
HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served ...
CVE-2022-31805
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected...
CVE-2022-31805
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected...
Code injection
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected...
CVE-2022-31805
The CVE-2022-31805 issue affects the CODESYS Development System (multiple components across several versions) where passwords used to authenticate between clients and servers are transmitted in plaintext. Public details in the NVD entry show network-based exploitation with partial confidentiality...
CODESYS Development System 安全漏洞
3s-smart Software Solutions CODESYS Development System is a suite of programming tools for the field of industrial controllers and automation technology from the German company 3s-smart Software Solutions. A security vulnerability exists in several components of several versions of the CODESYS...
PT-2022-20945 · 3S Smart Software Solutions · Codesys Development System
Name of the Vulnerable Software and Affected Versions: CODESYS Development System affected versions not specified Description: The issue concerns the transmission of passwords for communication between clients and servers in an unprotected manner. This affects multiple components across various...
CVE-2022-31805
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected...
The vulnerability of the Azure Real Time Operating System GUIX Studio in the development environment, related to insufficient validation of input data, allows a perpetrator to execute arbitrary code.
The vulnerability of the Azure Real Time Operating System GUIX Studio lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious file...
The vulnerability of the Azure Real Time Operating System GUIX Studio in the development environment, related to insufficient validation of input data, allows a perpetrator to execute arbitrary code.
The vulnerability of the Azure Real Time Operating System GUIX Studio lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious file...
The vulnerability relates to the set of development tools called Intel Software Guard Extensions SDK, as well as microsoftware such as Intel SGX DCAP and SGX PSW. This vulnerability stems from operations that involve writing to memory beyond the buffer boundaries, allowing attackers to disclose sensitive information.
The vulnerability in the Intel Software Guard Extensions SDK, microsoftware such as Intel SGX DCAP and SGX PSW, is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a hacker to trigger a service failure.
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK set is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to trigger a service failure using the HTTP protocol...
How to Secure App Development in the Cloud, With Tips From Gartner
Building applications in the cloud has been great for development speed and scalability, but it can sometimes feel more like a sustained migraine for security teams. How do you keep your cloud applications safe without resorting to a dizzying patchwork of overlapping tools and dispersed services?...
Moderate: Red Hat Enhancement Advisory: nodejs:12 bug fix and enhancement update
An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Bug Fixes and Enhancements: nodejs:12/nodejs: rebase to last upstream release...
Malicious code in development-guide (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 23fee7eb3ceb54ffceb35cd803eddfae751b7889bc90a3fe1afcf309fc7411e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2456 Malicious code in development-guide (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 23fee7eb3ceb54ffceb35cd803eddfae751b7889bc90a3fe1afcf309fc7411e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...