19 matches found
EUVD-2019-8042
Malware in sbrugna...
EUVD-2024-32351
Malicious code in bioql PyPI...
Security Bulletin: An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions., affect watsonx.data
Summary An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. These could affect watsonx.data. Vulnerability Details CVEID:CVE-2025-24201 DESCRIPTION: An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This...
Security Bulletin: Vulnerability in snappy-java affects watsonx.data
Summary snappy-java is vulnerable to denial of service attacks, which could affect watsonx.data. Vulnerability Details CVEID:CVE-2023-34455 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a...
Security Bulletin: Vulnerability in json-path affects watsonx.data
Summary json-path is vulnerable to a stack-based buffer overflow allowing an attacker to cause an uncontrolled recursion which results in a denial of service condition. This affects watsonx.data. Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of servic...
Security Bulletin: Vulnerabilities in JetBrains Kotlin affects watsonx.data
Summary JetBrains Kotlin is vulnerable to sensitive data disclosure and to weaker than expected security. These could affect watsonx.data. Vulnerability Details CVEID:CVE-2020-29582 DESCRIPTION: JetBrains Kotlin could allow a local authenticated attacker to obtain sensitive information, caused by...
Security Bulletin: Vulnerability in GNU Wget affects watsonx.data
Summary GNU Wget could allow a remote authenticated attacker to bypass security restrictions, and this could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-38428 DESCRIPTION: GNU Wget could allow a remote authenticated attacker to bypass security restrictions, caused by the mishandling...
Security Bulletin: Vulnerability in jackson-databind affects IBM watsonx.data
Summary FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization. This could affect IBM watsonx.data. Vulnerability Details CVEID:CVE-2020-36188 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to...
Security Bulletin: Vulnerabilities in Eclipse Jetty and JUnit4 affect watsonx.data
Summary Eclipse Jetty could allow remote attackers to obtain sensitive information and JUnit4 could allow a local attacker to obtain sensitive information. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2019-10246 DESCRIPTION: Eclipse Jetty could allow a remote attacker to obtain...
Security Bulletin: Vulnerability in Netty affects watsonx.data
Summary Netty is vulnerable to a denial of service, caused by a StackOverflowError in HAProxyMessageDecoder. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-41881 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a StackOverflowError in HAProxyMessageDecoder. B...
Dell Rugged Control Center Access Control Error Vulnerability (CNVD-2024-0019327)
Dell Rugged Control Center is an application from Dell USA. It allows a range of settings to be configured on the ruggedized device, such as application settings, keyboard backlight settings, night mode settings, stealth mode settings, window settings, antenna switch settings and GPS settings. An...
Dell Rugged Control Center Security Vulnerability
Dell Rugged Control Center is an application from Dell USA. It allows a range of settings to be configured on the ruggedized device, such as application settings, keyboard backlight settings, night mode settings, stealth mode settings, window settings, antenna switch settings and GPS settings. An...
Input validation
In declareDuplicatePermission of ParsedPermissionUtils.java, there is a possible way to obtain a dangerous permission without user consent due to improper input validation. This could lead to local escalation of privilege during app installation or upgrade with no additional execution privileges...
CVE-2022-24812
Grafana is an open-source platform for monitoring and observability. When fine-grained access control is enabled and a client uses Grafana API Key to make requests, the permissions for that API Key are cached for 30 seconds for the given organization. Because of the way the cache ID is constructe...
CVE-2019-18244
In OSIsoft PI System multiple products and versions, a local attacker could view sensitive information in log files when service accounts are customized during installation or upgrade of PI Vision. The update fixes a previously reported issue...
Compatibility update for installing Windows 10, version 1803: May 21, 2019
Compatibility update for installing Windows 10, version 1803: May 21, 2019 Summary This update makes improvements to ease the installation experience when updating to Windows 10, version 1803. How to get this update This update is available through Windows Update. It will be downloaded and...
Remote Command Execution in git client (CVE-2017-12426)
Remote Command Execution in git client CVE-2017-12426 An external code review performed by Recurity-Labs identified a remote command execution vulnerability in git that could be exploited via the "Repo by URL" import option in GitLab. The command line git client was not properly escaping command...
CVE-2014-7170
Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service...
[SECURITY] [DSA 173-1] New bugzilla packages fix privilege escalation
Debian Security Advisory DSA 173-1 [email protected] http://www.debian.org/security/ Martin Schulze October 9th, 2002 http://www.debian.org/security/faq ...