10 matches found
MAL-2026-4501 Malicious code in btd-smart (npm)
Source: amazon-inspector 3ad22b27351879a89349a1232ee5abb46bc589399ea710b9769526a8080b3199 The package presents itself as a clone of juliangruber/balanced-match stolen author identity 'Julian Gruber ', verbatim README, identical API renamed...
PT-2025-52371
Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description An improper authorization issue exists in Kibana that can lead to privilege escalation. An authenticated user can modify a document's sharing type to "global" without the necessary permissions...
Jenkins build-metrics Plugin Information Disclosure Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins build-metrics Plugin version 1.3 and earlier versions are vulnerable t...
How to Securely Access Remote Desktop?
By Owais Sultan. Since remote desktop access allows a device to be accessed from anywhere globally over the public internet, security is an important consideration. This is a post from HackRead.com. Read the original post: How to Securely Access Remote Desktop?...
jenkins-2-plugins/config-file-provider: Does not correctly perform permission checks in several HTTP endpoints.
A flaw was found in the config-file-provider Jenkins plugin. The plugin does not correctly perform permission checks in several HTTP endpoints, as a consequence an attacker with global Job/Configure permission can enumerate system-scoped credentials IDs of credentials stored in Jenkins...
Streaming and Security: In Conversation With Smita Aeron
People from around the globe are looking for instant and uninterrupted access to streaming services, on any device and in any location. But delivering high-quality streams that can easily scale to meet audience demand is no easy task. To better...
Redis unauthorized access with SSH key file use analysis: ZoomEye the latest global exclusive data V2-vulnerability warning-the black bar safety net
Updates! 2. Vulnerability overview: By default, Redis binds to 0.0.0.0:6379, which exposes the Redis service to the public Internet. If authentication is not enabled, any user who can reach the target server can access Redis without authorization and read the Redis data...
Microsoft .NET Framework XML Digital Signature CVE-2013-1336 Security Bypass Vulnerability
Description Microsoft .NET Framework is prone to a security-bypass vulnerability because it fails to properly validate the signature of a specially crafted XML file. Attackers can exploit this issue to bypass XML digital signature validation and spoof XML content by conducting man-in-the-middle...
PHP 5.2.x < 5.2.15 Multiple Vulnerabilities
Recently updated links for users with personal spaces link to profile if personal space is not accessible
Users without the global access right for personal space can still see links to personal spaces in the "Recently updated" list on their dashboard. This is a serious security problem for extranets, when one wants to prevent non-anonymous external users from seeing who's using the wiki. Note: this probl...