8752 matches found
Code Execution Vulnerability in Damon Database Management System
Wuhan Damon Database Co., Ltd. is a company dedicated to the research, development, sales and service of database management systems and big data platforms, as well as can provide users with full-stack data products and solutions. A code execution vulnerability exists in the Damon Database...
Google Golang memory consumption overflow vulnerability
Google Golang is a statically strongly typed, compiled language from Google, Inc. A memory consumption overflow vulnerability exists in Google Golang, which stems from a design or implementation impropriety in the code development process of a web-based system or product. An attacker could exploi...
The Forecast Is Flipped: How Rapid7 Is Flipping L&D for the Future of Work
The last 2 years have turned the world on its head, and now, companies across the globe are transitioning into a new normal. In this hybrid world, employee engagement is a moving target, the market is more competitive, and historical face-to-face teaching practices are no longer viable. Rapid7’s...
TerraGoat - Vulnerable Terraform Infrastructure
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. Introduction TerraGoat was built to enable DevSecOps design and implement a...
[SECURITY] Fedora 35 Update: python-django-3.2.12-1.fc35
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...
CVE-2022-23630
Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verification is disabled ...
CVE-2022-23630
Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verification is disabled ...
CVE-2022-23630
Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verification is disabled ...
Is it Easier to Turn Cloud Professionals into Security Practitioners or Vice Versa?
Insights into the cybersecurity skills gap In a poll taken at a recent Imperva webinar, What’s New in ‘22? Cybersecurity Trends and Predictions, participants said it’s easier to turn security practitioners into cloud professionals by a margin of 65-35. Three Directors in Imperva’s Office of the C...
rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-23577 via tensorflow-gpu (=2.7.0)
tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-23577 Source advisory:...
rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-21738 via tensorflow-gpu (=2.7.0)
tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-21738 Source advisory:...
rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-23588 via tensorflow-gpu (=2.7.0)
tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-23588 Source advisory:...
CVE-2022-21991
Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability...
CVE-2022-21991
Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability...
Remote code execution
Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability...
CVE-2022-21991 Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability
...
CVE-2022-21991
CVE-2022-21991 is a remote code execution vulnerability in the Visual Studio Code Remote Development Extension. The provided documents confirm an RCE impact (high severity, CVSS v3.1 base 8.1) with network-based access and no user interaction, but do not specify affected product versions or explo...
Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability
...
JetBrains Security Bulletin Q4 2021
JetBrains Security JetBrains Security Bulletin Q4 2021 Robert Demmer In the fourth quarter of 2021, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved. Product | Description | Severity...
PT-2022-1664 · Microsoft · Visual Studio Code Remote Development Extension
Name of the Vulnerable Software and Affected Versions: Visual Studio Code Remote Development Extension affected versions not specified Description: The issue is related to incorrect code generation management in the Visual Studio Code Remote Development Extension. Exploitation of this issue may...