4419 matches found
[SECURITY] Fedora 38 Update: rust-1.77.2-1.fc38
Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...
CVE-2023-35358
creationtimestamp| type| source ---|---|--- 2024-04-18 16:45:00+00:00| seen| https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html 2024-12-19 18:03:00+00:00| seen| https://googleprojectzero.blogspot.com/2024/12/the-windows-registry-adventure-5-regf.html 2025-05-23...
CVE-2023-21773
creationtimestamp| type| source ---|---|--- 2024-04-18 16:45:00+00:00| seen| https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html...
Ubuntu: Security Advisory (USN-6735-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service
!IMPORTANT ONLY applications targeting Xamarin Android and .NET Android MAUI are impacted. All others can safely dismiss this CVE. Impact MSAL.NET applications targeting Xamarin Android and .NET Android e.g., MAUI using the library from versions 4.48.0 to 4.60.3 inclusive, except 4.59.1 and 4.60....
CVE-2024-31451 Limited file write in routes.py (GHSL-2023-250)
DocsGPT is a GPT-powered chat for documentation. DocsGPT is vulnerable to unauthenticated limited file write in routes.py. This vulnerability is fixed in 0.8.1...
USN-6735-1: Node.js vulnerabilities
It was discovered that Node.js incorrectly handled the use of invalid public keys while creating an x509 certificate. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue...
USN-6735-1 nodejs vulnerabilities
It was discovered that Node.js incorrectly handled the use of invalid public keys while creating an x509 certificate. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue...
Extension script @substitutions@ within quoting allow SQL injection (CVE-2023-39417)
An extension script is vulnerable if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct dollar quoting, '', or "". No bundled extension is vulnerable. Vulnerable uses do appear in a documentation example and in non-bundled extensions. Hence, the attack prerequisite is ...
OESA-2024-1433 ruby security update
Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a...
[SECURITY] Fedora 39 Update: rust-1.77.2-1.fc39
Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...
Apache Zeppelin Security Bypass Vulnerability
Apache Zeppelin is a Web-based open source laptop application from the Apache USA Foundation. The program supports interactive data analysis and collaborative documentation. Apache Zeppelin suffers from a full bypass vulnerability that can be exploited by an attacker to bypass authentication by...
Apache Zeppelin Input Validation Error Vulnerability (CNVD-2024-17934)
Apache Zeppelin is a Web-based open source laptop application from the Apache USA Foundation. The program supports interactive data analysis and collaborative documentation. Apache Zeppelin suffers from an input validation error vulnerability that can be exploited by an attacker to view a server...
Apache Zeppelin Code Execution Vulnerability
Apache Zeppelin is a Web-based open source laptop application from the Apache USA Foundation. The program supports interactive data analysis and collaborative documentation. Apache Zeppelin has a code execution vulnerability that can be exploited by an attacker to execute shell scripts or malicio...
Apache Zeppelin Input Validation Error Vulnerability (CNVD-2024-17936)
Apache Zeppelin is a Web-based open source laptop application from the Apache USA Foundation. The program supports interactive data analysis and collaborative documentation. Apache Zeppelin has an input validation error vulnerability that can be exploited by an attacker to update the cron API usi...
Apache Zeppelin Input Validation Error Vulnerability (CNVD-2024-17937)
Apache Zeppelin is a Web-based open source laptop application from the Apache USA Foundation. The program supports interactive data analysis and collaborative documentation. Apache Zeppelin suffers from an input validation error vulnerability that can be exploited by an attacker to execute a...
Apache Zeppelin Input Validation Error Vulnerability (CNVD-2024-17935)
Apache Zeppelin is a Web-based open source laptop application from the Apache USA Foundation. The program supports interactive data analysis and collaborative documentation. Apache Zeppelin has an input validation error vulnerability that can be exploited by an attacker to cause a denial of servi...
Apache Zeppelin Cross-Site Scripting Vulnerability (CNVD-2024-17939)
Apache Zeppelin is a Web-based open source laptop application from the Apache USA Foundation. The program supports interactive data analysis and collaborative documentation. Apache Zeppelin suffers from a cross-site scripting vulnerability that stems from improper coding or escaping, which can be...
[SECURITY] Fedora 39 Update: python-pillow-10.3.0-1.fc39
Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...
CVE-2024-30718
...