468 matches found
Security Bulletin: A vulnerability in Open JDK affecting Rational Functional Tester
Summary: A vulnerability in Open JDK Version 8, OpenJ9 used by Rational Functional Tester (RFT). RFT has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2023-21830 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization component could allow a remote attacker...
SUSE CVE-2020-2250
Jenkins SoapUI Pro Functional Testing Plugin 1.3 and earlier stores project passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by attackers with Extended Read permission, or access to the Jenkins controller file system...
Pixel Update Bulletin—February 2023
The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices (Google devices). For Google devices, security patch levels of 2023-02-05 or later address all issues in this bulletin and all issues in the February 2023 Android...
Security Bulletin: A vulnerability in Open JDK affecting Rational Functional Tester
Summary: A vulnerability in Open JDK Version 8, OpenJ9 used by Rational Functional Tester (RFT). RFT has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2022-3676 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security restrictions, caused by improper runtime type...
GHSA-GCJF-29M9-888Q PaddlePaddle vulnerable to Code Injection
Code injection in paddle.audio.functional.getwindow in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution. A patch is available on the develop branch of the repository and anticipated to be part of a 2.4 release...
Code injection
Code injection in paddle.audio.functional.getwindow in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester
Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2022-21628 DESCRIPTION: Jav...
Security Bulletin: A vulnerability in Open JDK affecting Rational Functional Tester
Summary: A vulnerability in Open JDK Version 8, OpenJ9 used by Rational Functional Tester (RFT) versions 10.5. RFT has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2021-41041 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security restrictions, caused by failin...
Code injection
In PaddlePaddle before 2.4, paddle.audio.functional.getwindow is vulnerable to code injection because it calls eval on a user-supplied winstr. This may lead to arbitrary code execution...
[SECURITY] Fedora 37 Update: elixir-1.14.2-1.fc37
Elixir is a programming language built on top of the Erlang VM. As Erlang, it is a functional language built to support distributed, fault-tolerant, non-stop applications with hot code swapping...
LodaRAT Malware Resurfaces with New Variants Employing Updated Functionalities
The LodaRAT malware has resurfaced with new variants that are being deployed in conjunction with other sophisticated malware, such as RedLine Stealer and Neshta. "The ease of access to its source code makes LodaRAT an attractive tool for any threat actor who is interested in its capabilities,"...
Cross-functional re-entrancy resulting in stealing any additional/extra ether sent by the execute()'s caller
Lines of code Vulnerability details Impact The contract Exchange.sol has execute function which can be called by anyone to execute a single buy and sell order. The function calls execute then returnDust. The latter sends the unrequired ether back to the caller. However, a malicious actor could...
Design/Logic Flaw
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Functional Security). Supported versions that are affected are 6.4.3 and 6.5.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2022-39420
CVE-2022-39420 affects Oracle Transportation Management (Oracle Supply Chain) with affected versions 6.4.3 and 6.5.1. The issue arises in the Data/Functional Security component and allows a low-privileged attacker with network access over HTTP to perform unauthorized updates/inserts/deletes and r...
[SECURITY] Fedora 36 Update: scala-2.13.9-1.fc36
Scala is a general purpose programming language designed to express common programming patterns in a concise, elegant, and type-safe way. It smoothly integrates features of object-oriented and functional languages. It is also fully interoperable with Java. This package contains the Scala compiler...
Fedora: Security Advisory for scala (FEDORA-2022-07dd9375b2)
The remote host is missing an update for the...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester
Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2022-21541 DESCRIPTION: An...
SUSE: Security Advisory (SUSE-SU-2022:2838-1)
The remote host is missing an update for the...
Security Bulletin: An Eclipse Jetty vulnerability affects IBM Rational Functional Tester
Summary: There are multiple vulnerabilities in Eclipse Jetty used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2022-2047 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security...
[SECURITY] Fedora 36 Update: golang-k8s-sample-apiserver-1.22.0-6.fc36
Demonstration of how to use the k8s.io/apiserver library to build a functional API server...