Lucene search
K

8751 matches found

Imperva Blog
Imperva Blog
added 2022/05/05 12:29 p.m.14 views

Forrester Report Reveals the 5 Benefits IT Teams Really Need from API Security Tools

An Application Programming Interface API is a software intermediary that allows applications to communicate with one another. APIs provide routines, protocols, and tools for developers to facilitate and accelerate the creation of software applications. They enable applications to easily access an...

7.3AI score
Exploits0
CNVD
CNVD
added 2022/05/05 12:0 a.m.27 views

JetBrains IntelliJ IDEA Code Injection Vulnerability

JetBrains IntelliJ IDEA is a suite of integrated development environments for the Java language from Jetbrains, a Czech company.A code injection vulnerability exists in versions of JetBrains IntelliJ IDEA prior to 2022.1, which stems from the execution of native code via a link in Quick...

7.7CVSS4.9AI score0.0022EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/05/05 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2022:1540-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.6AI score0.01024EPSS
Exploits0References5
OSV
OSV
added 2022/05/04 12:17 p.m.2 views

USN-5401-1 dpdk vulnerabilities

Wenxiang Qian discovered that DPDK incorrectly checked certain payloads. An attacker could use this issue to cause DPDK to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-3839 It was discovered that DPDK incorrectly handled inflight type messages. An attacker...

7.5CVSS6AI score0.01259EPSS
Exploits0References3
HackRead
HackRead
added 2022/05/03 4:0 p.m.14 views

How to Choose Tech Stack for Mobile App Development

By Owais Sultan What a good tech stack for a mobile app is and how to, actually, pick the right one… This is a post from HackRead.com Read the original post: How to Choose Tech Stack for Mobile App Development...

1.7AI score
Exploits0
OpenVAS
OpenVAS
added 2022/05/03 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2022:1508-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.02752EPSS
Exploits1References4
Rapid7 Blog
Rapid7 Blog
added 2022/05/02 3:9 p.m.13 views

Cloud-Native Application Protection (CNAPP): What's Behind the Hype?

There's no shortage of acronyms when it comes to security product categories. DAST, EDR, CWPP — it sometimes feels like we're awash in a sea of letters, and that can be a little dizzying. Every once in a while, though, a new term pops up that cuts through the noise, thanks to a combination of...

7.3AI score
Exploits0
OSV
OSV
added 2022/05/02 3:22 a.m.26 views

GHSA-WJJR-H4WH-W6VV Spring Framework Inefficient Regular Expression Complexity

Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit JDK before 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 through 2.5.6 and 3.0.0.M1 through 3.0.0.M2 and dm Server 1.0.0 through 1.0.2, allows remote attackers to...

5CVSS9.2AI score0.02796EPSS
Exploits1References5
OSV
OSV
added 2022/04/29 3:0 p.m.2 views

UBUNTU-CVE-2022-0669

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master...

6.5CVSS6.7AI score0.00283EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/04/28 7:3 p.m.4 views

OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

5.3CVSS7.4AI score0.03028EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/04/28 6:58 p.m.4 views

OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

7.5CVSS7.4AI score0.03825EPSS
Exploits0References4
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/04/27 4:0 p.m.13 views

How one senior developer brings the startup spirit to Microsoft

I recently had the opportunity to visit the Microsoft Africa Development Center, in my role as executive sponsor, for dedication ceremonies we hosted in both Nigeria and Kenya. All I have to say is, “Wow!” The energy at the ADC is simply electric. There’s so much optimism and so much enthusiasm f...

7.1AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/04/27 12:0 a.m.8 views

New AWS Competency Category - Why It's Important

AWS DevOps competency recently added a new category, DevSecOps to its arsenal. Explore our overview of the category and why it matters to security and development teams building in the cloud...

3.3AI score
Exploits0
OpenVAS
OpenVAS
added 2022/04/27 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2022:1417-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.7AI score0.0262EPSS
Exploits0References5
hivepro
hivepro
added 2022/04/26 12:22 p.m.58 views

What will be the consequence of this disputed vulnerability in 7-ZIP?

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here The zero-day vulnerability in 7- Zip software, tracked as CVE-2022-29072 is marked as disputed by the National Vulnerability DatabaseNVD, and sparked discussions over its consequences. This started when a researcher published ...

7.2CVSS0.4AI score0.01523EPSS
Exploits8
OSV
OSV
added 2022/04/25 3:17 p.m.37 views

ALSA-2022:1491 Important: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: Defective secure validation in Apache Santuario Libraries, 8278008 CVE-2022-21476 OpenJDK: Unbounded memory allocation when compiling crafted...

7.5CVSS6.8AI score0.03825EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/04/25 2:0 p.m.3 views

OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

7.5CVSS7.4AI score0.03825EPSS
Exploits0References4
CNVD
CNVD
added 2022/04/25 12:0 a.m.10 views

Accusoft ImageGear heap buffer overflow vulnerability (CNVD-2022-35411)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear, which can be exploited by an attacker to pass specially crafted data to an application, trigger a heap buffer overflow, and execute arbitrary code o...

9.8CVSS7.8AI score0.01451EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/25 12:0 a.m.13 views

Accusoft ImageGear heap buffer overflow vulnerability (CNVD-2022-35416)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear, which can be exploited by an attacker to pass crafted data to an application, trigger a heap buffer overflow, and execute arbitrary code on the targ...

9.8CVSS7.8AI score0.01037EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/25 12:0 a.m.28 views

Accusoft ImageGear heap buffer overflow vulnerability (CNVD-2022-35415)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear, which can be exploited by an attacker to pass crafted data to an application, trigger a heap buffer overflow, and execute arbitrary code on the targ...

9.8CVSS9AI score0.01037EPSS
Exploits1References1
Rows per page
Query Builder