11 matches found
CVE-2022-20634
Cisco Enterprise Chat and Email (ECE) Web-based management interface vulnerability (CVE-2022-20634) allows an unauthenticated, remote attacker to cause user redirection to a malicious URL via crafted links. Root cause: improper input validation of URL parameters in HTTP requests. Affects Cisco EC...
CVE-2024-31334
CVE-2024-31334 affects the DevmemIntFreeDefBackingPage function in the Android/Linux kernel code path devicemem_server.c. The described logic error could allow arbitrary code execution leading to local elevation of privilege without requiring user interaction. Exploitation is local (no remote vec...
CVE-2023-47818
CVE-2023-47818 affects LWS Hide Login (WordPress plugin) up to version 2.1.8. The issue is a protection mechanism bypass that could allow an unauthenticated actor to access login functionality by visiting install.php, effectively bypassing the hidden login protection. Patch/mitigation: upgrade to...
CVE-2017-1579
CVE-2017-1579 is addressed in IBM DOORS Next Generation (DNG/RRC). The IBM Security Bulletin reports a cross-site scripting vulnerability in the Web UI of Rational DOORS Next Generation, allowing an attacker to embed arbitrary JavaScript and potentially disclose credentials within a trusted sessi...
SUSE-SU-2023:0079-1 Security update for python-future
This update for python-future fixes the following issues: - CVE-2022-40899: Fixed an issue that could allow attackers to cause excessive CPU usage via a crafted Set-Cookie header (bsc#1206673)...
Meet Mike Schiessl: Senior Technical Marketing Engineer
Meet Mike Schiessl to learn more about his career path, how companies can support a DevOps to DevSecOps transition, and the future of security and business...
CVE-2012-0424
Technical details for CVE-2012-0424 are not provided in the supplied documents; the Initial Description is a placeholder. Monitor for updates from the sources.
CVE-2020-6913
HP Sure Sense driver may have a vulnerability that could allow Unauthorized Code Execution, per HP PSRT bulletin HPSBHF03663 rev. 1. Details are limited; bulletin may be updated as new information or SoftPaqs become available. HP recommends keeping firmware/software up to date. The connected docu...
Women in Security Part 5: Meet Lavine Oluoch, Threat Analyst
This post is part of our Women’s History Month series - follow along with us on Twitter @VMwareCarbonBlack. In continued celebration of Women’s History Month, we are excited to bring you our next featured security expert as a part of our six-part Women in Security series. Throughout March, we are...
The Future of Cloud Security
Effectively securing the cloud is a long-term commitment, as the state of cybercrime and vulnerabilities is constantly evolving. Risk reduction comes from knowing how to secure the cloud now and into the future...
Anonymous Vs Sony : Word By Word Q/A b/w Reporters and Sony during Conference !
Q. The accuracy of approximately 10 million credit flow A. There is no firm evidence of leakage. Cannot say whether a leak or not. There is no report so far. Q. prospect of resuming services. A. We want to restart the...