4151 matches found
Echo 安全漏洞
Echo is an open source community system with no separation of front and back end for Veal98 individual developers. A security vulnerability exists in Echo version 4.2, which stems from an improper authorization issue in the documentation...
Echo 跨站脚本漏洞
Echo is an open source community system for Veal98 individual developers that does not separate front and back ends. A cross-site scripting vulnerability exists in Echo version 4.2, which stems from improper manipulation of the parameter editormd-image-file in the file /discuss/uploadMdPic, which...
@capriza/far (>=0.1.2 <=2.4.2), @cobalt-engine/cobower (=2.0.0) +387 more potentially affected by CVE-2024-12905 via tar-fs (>=0.1.8 <=1.16.3)
tar-fs NPM version =0.1.8, =0.1.2, =6.0.3, =6.0.3, =6.0.3, =2.1.1, =0.10.2, =0.0.0-beta.1, =0.0.0-beta.1, =0.0.0-beta.1, =0.1.0, =0.1.0, =1.0.5, =1.1.2 - @elm-node/npm-scripts =1.0.0 - @hlsrules-test/fc-libreoffice =1.0.0 and more Source cves: CVE-2024-12905 Source advisory: OSV:GHSA-PQ67-2WWV-3X...
DEBIAN-CVE-2023-52941
In the Linux kernel, the following vulnerability has been resolved: can: isotp: split tx timer into transmission and timeout The timer for the transmission of isotp PDUs formerly had two functions: 1. send two consecutive frames with a given time gap 2. monitor the timeouts for flow control frame...
UBUNTU-CVE-2023-52941
In the Linux kernel, the following vulnerability has been resolved: can: isotp: split tx timer into transmission and timeout The timer for the transmission of isotp PDUs formerly had two functions: 1. send two consecutive frames with a given time gap 2. monitor the timeouts for flow control frame...
A week in security (March 17 – March 23)
Last week on Malwarebytes Labs: What Google Chrome knows about you, with Carey Parker Lock and Code S06E06 Personal data revealed in released JFK files Semrush impersonation scam hits Google Ads Targeted spyware and why it’s a concern to us The "free money" trap: How scammers exploit financial...
Amazon disables privacy option, will send your Echo voice recordings to the cloud
Amazon has announced its Echo devices will no longer have the option to store and process requests on the device itself, meaning your voice recordings will now be sent to the cloud for processing. In an email sent to customers, Amazon explained that the feature "Do Not Send Voice Recordings" will...
Linux Distros Unpatched Vulnerability : CVE-2022-40083
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers...
CVE-2022-49633
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctlicmpechoenableprobe. While reading sysctlicmpechoenableprobe, it can be changed concurrently. Thus, we need to add READONCE to its readers...
SUSE CVE-2022-49633
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctlicmpechoenableprobe. While reading sysctlicmpechoenableprobe, it can be changed concurrently. Thus, we need to add READONCE to its readers...
DEBIAN-CVE-2022-49633
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctlicmpechoenableprobe. While reading sysctlicmpechoenableprobe, it can be changed concurrently. Thus, we need to add READONCE to its readers...
CVE-2022-49633
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctlicmpechoenableprobe. While reading sysctlicmpechoenableprobe, it can be changed concurrently. Thus, we need to add READONCE to its readers...
UBUNTU-CVE-2022-49633
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctlicmpechoenableprobe. While reading sysctlicmpechoenableprobe, it can be changed concurrently. Thus, we need to add READONCE to its readers...
CVE-2022-49633
In the Linux kernel (CVE-2022-49633), a data-race was fixed in icmp_echo_enable_probe where readers could observe concurrent writes. The mitigation adds READ_ONCE() to readers to prevent reading torn data. The provided connected docs confirm this resolution and describe the underlying issue and f...
CVE-2022-49633
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctlicmpechoenableprobe. While reading sysctlicmpechoenableprobe, it can be changed concurrently. Thus, we need to add READONCE to its readers...
CVE-2022-49633 icmp: Fix data-races around sysctl_icmp_echo_enable_probe.
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctlicmpechoenableprobe. While reading sysctlicmpechoenableprobe, it can be changed concurrently. Thus, we need to add READONCE to its readers...
CVE-2022-49633 icmp: Fix data-races around sysctl_icmp_echo_enable_probe.
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctlicmpechoenableprobe. While reading sysctlicmpechoenableprobe, it can be changed concurrently. Thus, we need to add READONCE to its readers...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that sysctlicmpechoenableprobe may be concurrently modified on read, resulting in data contention...
AI-Powered Deception is a Menace to Our Societies
Wherever there’s been conflict in the world, propaganda has never been far away. Travel back in time to 515 BC and read the Behistun Inscription, an autobiography by Persian King Darius that discusses his rise to power. More recently, see how different newspapers report on wars, where it’s said,...
ZOO-Project 跨站脚本漏洞
ZOO-Project is an open source processing platform from ZOO-Project Open Source. A cross-site scripting vulnerability exists in ZOO-Project that stems from the EchoProcess service failing to perform proper security checks on SVG content when processing user input...