4422 matches found
[SECURITY] Fedora 33 Update: rust-1.56.1-1.fc33
Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...
CVE-2020-1316
creationtimestamp | type | source
---|---|---
2021-11-08 08:58:18+00:00 | seen | MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422
2023-12-04 21:36:18+00:00 | seen | https://t.me/arpsyndicate/1311...
Acronis: XSS in Acronis Cloud Manager Admin Portal
Hello, Hope you are doing well. I wanted to report the following security vulnerability: The Acronis Cloud Manager Admin Portal default swagger UI is vulnerable to cross-site scripting. I have the API running locally on my machine. I have attached screenshots of the XSS. The URL is:...
Generated code can read and write out of bounds in safe code
Code generated by flatbuffers' compiler is unsafe but not marked as such. See https://github.com/google/flatbuffers/issues/6627 for details. For example, if generated code is used to decode malformed or untrusted input, undefined behavior and thus security vulnerabilities are possible even without...
ChainLink price data could be stale
Handle: cmichel. Vulnerability details: There is no check in ChainlinkAdapterEth.getPrice if the return values indicate stale data. This could lead to stale prices according to the Chainlink documentation: under current notifications: "if answeredInRound roundId could indicate stale data." under...
SUSE-SU-2021:3469-1 Security update for strongswan
This update for strongswan fixes the following issues:
- Fix trailing quotation mark missing from example in README. bsc1167880
- CVE-2021-41991: Fixed an integer overflow when replacing certificates in cache. bsc1191435
- CVE-2021-41990: Fixed an integer overflow in the gmp Plugin. bsc1191367...
Security Bulletin: IBM Cloud Pak for Integration is vulnerable to jszip (CVE-2021-23413)
Summary: IBM Cloud Pak for Integration is vulnerable to jszip CVE-2021-23413, with details below. Vulnerability Details: CVEID: CVE-2021-23413. DESCRIPTION: jszip is vulnerable to a denial of service, caused by a prototype pollution flaw. By using a specially-crafted zip file with filenames set to...
What is OpenAPI ❓ Concept, Examples and Advantages
What is OpenAPI? If anything is growing by leaps and bounds, it is API development and awareness of API security. Whether it is web APIs or mobile APIs, growth is significant in each domain. While we discuss API development, OpenAPI deserves a mention for sure. Thi...
Shisho - Lightweight Static Analyzer For Several Programming Languages
Shisho is a lightweight static analyzer for developers. Please see the usage documentation for further information. Try at Playground: You can try Shisho at our playground. Try with Docker: You can try shisho on your machine as follows: echo "func testv string int return lenv + 1; " | docker run -i...
PHSA-2021-2.0-0403
An update of 'vim' packages of Photon OS has been released...
GitOops - All Paths Lead To Clouds
GitOops is a tool to help attackers and defenders identify lateral movement and privilege escalation paths in GitHub organizations by abusing CI/CD pipelines and GitHub access controls. It works by mapping relationships between a GitHub organization and its CI/CD jobs and environment variables...
Security Bulletin: IBM Cloud Pak for Integration is vulnerable to Go vulnerability CVE-2021-31525
Summary: IBM Cloud Pak for Integration is vulnerable to Go vulnerability CVE-2021-31525, with details below. Vulnerability Details: CVEID: CVE-2021-31525. DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in net/http. By sending a specially-crafted header to ReadRequest or...
CVE-2021-41773
creationtimestamp | type | source
---|---|---
2021-10-05 14:37:33+00:00 | published-proof-of-concept | https://t.me/cKure/7469
2021-10-05 15:14:23+00:00 | seen | https://t.me/ptswarm/79
2021-10-05 15:39:32+00:00 | published-proof-of-concept | ...
PHSA-2021-2.0-0401
An update of 'apache-tomcat' packages of Photon OS has been released...
[SECURITY] Fedora 33 Update: kernel-tools-5.14.9-100.fc33
This package contains the tools/ directory from the kernel source and the supporting documentation...
Fedora: Security Advisory for kernel-tools (FEDORA-2021-884d245ef8)
The remote host is missing an update for the...
[SECURITY] Fedora 34 Update: kernel-tools-5.14.9-200.fc34
This package contains the tools/ directory from the kernel source and the supporting documentation...
CVE-2021-40926
Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...
[SECURITY] Fedora 34 Update: python-flask-restx-0.3.0-2.fc34
Flask-RESTX is an extension for Flask that adds support for quickly building REST APIs. It encourages best practices with minimal setup. If you are familiar with Flask, Flask-RESTX should be easy to pick up. It provides a coherent collection of decorators and tools to describe your API and expose...
Kodex - A Privacy And Security Engineering Toolkit: Discover, Understand, Pseudonymize, Anonymize, Encrypt And Securely Share Sensitive And Personal Data: Privacy And Security As Code
Kodex (Community Edition - CE) is an open-source toolkit for privacy and security engineering. It helps you to automate data security and data protection measures in your data engineering workflows. It offers the following functionality: Read data items from a variety of sources such as files,...