4419 matches found
CVE-2024-0402
creationtimestamp| type| source
---|---|---
2024-01-26 02:26:35+00:00| seen| https://t.me/ctinow/173953
2024-01-26 11:56:47+00:00| seen| https://t.me/ctinow/174171
2024-01-26 12:46:40+00:00| published-proof-of-concept| https://t.me/techb0ltGenona/4239
2024-01-28 13:16:07+00:00| seen|...
Security Bulletin: IBM Event Processing is vulnerable to Improper Input Validation due to the PostCSS (CVE-2023-44270).
Summary Operator of IBM Event Processing is vulnerable to Improper Input Validation due to the postcss-8.4.21.tgz before 8.4.31. PostCSS is a tool for transforming CSS with JavaScript plugins and this is a dev dependency used by Event Processing Team. CVE-2023-44270. Vulnerability Details...
How to start to use device certificate check in Device Posture
In the following Citrix document, Device Certificate check in Device Posture (one part of SPA Service) has been introduced. This article is about how to submit a request to start using it. Device certificate check with Device Posture service - Preview...
RUSTSEC-2024-0006 Multiple issues involving quote API
Issue 1: Failure to quote characters Affected versions of this crate allowed the bytes and \xa0 to appear unquoted and unescaped in command arguments. If the output of quote or join is passed to a shell, then what should be a single command argument could be interpreted as multiple arguments. Thi...
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks. The misconfigurations could be abused by an attacker to "conduct a supply chain compromise of...
Fedora: Security Advisory for python3-docs (FEDORA-2023-0583eedde7)
The remote host is missing an update for the...
SUSE-SU-2024:0120-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B that may permit an unauthenticated nearby device to spoof the...
SUSE: Security Advisory (SUSE-SU-2024:0106-1)
The remote host is missing an update for the...
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Node.js
Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Node.js (CVE-2023-44487). Vulnerability Details CVEID: CVE-2023-44487 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by a flaw in handling...
Design/Logic Flaw
Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data...
CVE-2024-22028
Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data...
CVE-2024-22028
Thermal camera TMC series from 3R SOLUTION JAPAN is affected across all firmware versions due to insufficient technical documentation (CWE-1059). The documentation fails to describe network interface presence and internal storage of pictures/measurements, enabling physical access to reveal stored...
Thermal camera TMC series vulnerable to insufficient technical documentation
Overview Thermal camera TMC series provided by THREE R SOLUTION CORP. JAPAN are vulnerable to insufficient technical documentation (CWE-1059). The related documentation does not describe the existence of the network interface, nor the internal storage for pictures and measurement data. Hiroyuki...
3R SOLUTION Thermal camera TMC series Security Vulnerability
The 3R SOLUTION Thermal camera TMC series is a series of thermal cameras from 3R SOLUTION, Japan. A security vulnerability exists in 3R SOLUTION Thermal camera TMC series, which is caused due to insufficient technical documentation, where the user is unaware of the internally stored data and an...
JVN#96240417: Thermal camera TMC series vulnerable to insufficient technical documentation
Thermal camera TMC series provided by THREE R SOLUTION CORP. JAPAN are vulnerable to insufficient technical documentation (CWE-1059). The related documentation does not describe the existence of the network interface, nor the internal storage for pictures and measurement data. Impact The user of th...
[SECURITY] Fedora 38 Update: ppp-2.4.9-10.fc38
The ppp package contains the PPP (Point-to-Point Protocol) daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an ISP (Internet Service Provider) or other organization over a modem...
OPENSUSE-SU-2024:0017-1 Security update for python-django-grappelli
This update for python-django-grappelli fixes the following issues: Update to 2.14.4: - CVE-2021-46898: Fixed views/switch.py vulnerable to protocol-relative URL attacks boo1216481 - Fixed: Redirect with switch user. - Improved: Remove extra filtering in AutocompleteLookup. - Improved: Added impo...
What Is Policy-as-Code
Decoding the Enigma: Policy-as-Code Explained The Information Technology (IT) sector can often feel like a maze of intricate jargon and theories. A phrase gaining traction in this field is Policy-as-Code (PaC). However, what does Policy-as-Code entail? Let's demystify this enigma. Policy-as-Code...
[SECURITY] Fedora 38 Update: python3-docs-3.11.7-1.fc38
The python3-docs package contains documentation on the Python 3 programming language and interpreter...