4422 matches found
Spring Cloud Azure 5.0 is now Generally Available
Were very pleased to announce that Spring Cloud Azure 5.0 is now generally available. This major release includes the following features, improvements, and documentation updates: Compatible with Spring Boot 3 and Spring Cloud 2022.0.0 Supports Passwordless Connections Updated Azure for Spring...
Spring Cloud Azure 5.0 is now Generally Available
We're very pleased to announce that Spring Cloud Azure 5.0 is now generally available. This major release includes the following features, improvements, and documentation updates: Compatible with Spring Boot 3 and Spring Cloud 2022.0.0 Supports Passwordless Connections Updated Azure for Spring...
Spring Cloud Azure 5.0 is now Generally Available
We're very pleased to announce that Spring Cloud Azure 5.0 is now generally available. This major release includes the following features, improvements, and documentation updates: Compatible with Spring Boot 3 and Spring Cloud 2022.0.0 Supports Passwordless Connections Updated Azure for Spring...
Controller reconciles apps outside configured namespaces when sharding is enabled
Impact All Argo CD versions starting with 2.5.0-rc1 are vulnerable to an authorization bypass bug which allows a malicious Argo CD user to deploy Applications outside the configured allowed namespaces. Description of exploit Reconciled Application namespaces are specified as a comma-delimited lis...
Upgraded Q -> M from #50 [1674461707004]
Judge has assessed an item in Issue 50 as M risk. The relevant finding follows: QA10. The deposit function only works for tokens that have no more than 18 decimals. This needs to be documented. --- The text was updated successfully, but these errors were encountered: All reactions...
[SECURITY] Fedora 36 Update: rust-1.66.1-1.fc36
Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...
Metasploit Weekly Wrap-Up
See something say something Have an idea on how to expand on Metasploit Documentation on ? Did you see a typo or some other error on the docs site? Thanks to adfoster-r7, submitting an update to the documentation is as easy as clicking the 'Edit this page on GitHub' link on the page you want to...
Spring Modulith 0.3 released
Hot on the heels of Spring Boot 3.0.2, I am excited to announce the 0.3 release of Spring Modulith. The release is packed with improvements. We have tweaked a couple of things that might require your attention and a couple of adapting changes to your code. The most notable changes are: GH-114 – W...
Spring Modulith 0.3 released
Hot on the heels of Spring Boot 3.0.2, I am excited to announce the 0.3 release of Spring Modulith. The release is packed with improvements. We have tweaked a couple of things that might require your attention and a couple of adapting changes to your code. The most notable changes are: GH-114 – W...
Spring Modulith 0.3 released
Hot on the heels of Spring Boot 3.0.2, I am excited to announce the 0.3 release of Spring Modulith. The release is packed with improvements. We have tweaked a couple of things that might require your attention and a couple of adapting changes to your code. The most notable changes are: GH-114 – W...
HSTS configuration not working in confluence 8.0.2
h3. Issue Summary This is reproducible on Data Center: Yes h3. Steps to Reproduce Configure confluence on SSL Follow KB -...
GSD-2023-1000528 net: stmmac: fix errno when create_singlethread_workqueue() fails
net: stmmac: fix errno when createsinglethreadworkqueue fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
Hacked Cellebrite and MSAB Software Released
Cellebrite is an cyberweapons arms manufacturer that sells smartphone forensic software to governments around the world. MSAB is a Swedish company that does the same thing. Someone has released software and documentation from both companies...
Fedora: Security Advisory for kernel-tools (FEDORA-2023-f4f9182dc8)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Format string
BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A single-line file might contain credentials, such as "machine example.com login daniel password qwerty" in the documentation example for the .netrc file format. NOTE: 2.x versions are no longer supported...
[SECURITY] Fedora 37 Update: kernel-tools-6.1.5-200.fc37
This package contains the tools/ directory from the kernel source and the supporting documentation...
Metasploit Weekly Wrap-Up
New module content 2 Gather Dbeaver Passwords Author: Kali-Team Type: Post Pull request: 17337 contributed by cn-kali-team Description: This adds a post exploit module that retrieves Dbeaver session data from local configuration files. It is able to extract and decrypt credentials stored in these...
kernel security and bug fix update
4.18.0-425.10.1.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
SUSE-SU-2023:0070-1 Security update for openstack-barbican, openstack-heat-gbp, openstack-horizon-plugin-gbp-ui, openstack-neutron, openstack-neutron-gbp
This update for openstack-barbican, openstack-heat-gbp, openstack-horizon-plugin-gbp-ui, openstack-neutron, openstack-neutron-gbp fixes the following issues: Security fixes included on this update: openstack-barbican: - CVE-2022-3100: Fixed an access policy bypass via query string injection...
Open redirect on government website sends users to adult content
Fake websites and open redirects have conspired to make things awkward for a UKGOV website. The site in question, riverconditionsdotenvironment-agencydotgovdotuk, was being abused in search engine results to redirect to various sites which arent associated with UKGOV--most of which were adult...