Update 21.1 for Microsoft Dynamics 365 Business Central (on-premises) 2022 Release Wave 2 (Application Build 21.1.48638, Platform Build 21.0.48504)

Update 21.1 for Microsoft Dynamics 365 Business Central on-premises 2022 Release Wave 2 Application Build 21.1.48638, Platform Build 21.0.48504 Overview This update replaces previously released updates. You should always install the latest update. This update also fixes an information disclosure...

[SECURITY] Fedora 36 Update: samba-4.16.6-0.fc36

Samba is the standard Windows interoperability suite of programs for Linux and Unix...

Atomicity Literally NOT Guaranteed

Lines of code Vulnerability details Impact According to the Arbitrum documentation, "... Cross chain and cross shard interoperability is a hard problem, ... It's important to differentiate between calls from Ethereum to Arbitrum and calls from Arbitrum to Ethereum. Ethereum contracts can send...

[SECURITY] Fedora 37 Update: samba-4.17.0-1.fc37

Samba is the standard Windows interoperability suite of programs for Linux and Unix...

Security Bulletin: A security vulnerability in FileNet Content Management Interoperability Services (CMIS) might affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) (CVE-2018-1364)

Summary An XML external entity security vulnerability has been reported for FileNet Content Management Interoperability Services CMIS shipped with IBM Business Automation Workflow and IBM BPM. Vulnerability Details CVEID: CVE-2018-1364 DESCRIPTION: IBM Content Navigator 2.0 and 3.0 is vulnerable ...

Samba 安全漏洞

Samba is the standard Windows interoperability program suite for Linux and Unix. A security vulnerability exists in Samba that stems from not verifying the write permission of dnsHostname...

[SECURITY] Fedora 35 Update: samba-4.15.9-0.fc35

Samba is the standard Windows interoperability suite of programs for Linux and Unix...

CVE-2022-36007

Venice (com.github.jlangch:venice) contains a Partial Path Traversal flaw in the load-file and load-resource functions. When given absolute paths whose name prefix matches a configured load path (e.g., "/Users/foo/resources"), an attacker can access files outside the intended directory (e.g., "/U...

CVE-2022-36007 Partial Path Traversal in com.github.jlangch:venice

Venice is a Clojure inspired sandboxed Lisp dialect with excellent Java interoperability. A partial path traversal issue exists within the functions load-file and load-resource. These functions can be limited to load files from a list of load paths. Assuming Venice has been configured with the lo...

PT-2022-20573 · Unknown · Lti 1.3 Tool Library

Name of the Vulnerable Software and Affected Versions: LTI 1.3 Tool Library versions prior to 5.0 Description: The issue concerns the Nonce Claim Value not being validated against the nonce value sent in the Authentication Request. This affects the LTI 1.3 Tool Library, a library used for buildin...

LTI 1.3 Tool Library 安全特征问题漏洞

The LTI 1.3 Tool Library is a library of LTI 1.3 tool providers for building IMS certifications in PHP. A security feature issue vulnerability exists in versions of the LTI 1.3 Tool Library prior to 5.0, which stems from the LTI 1.3 Tool Library is a library used to build LTI 1.3 tool providers f...

KuppingerCole rates Microsoft as outstanding in functionality for secure collaboration

We are excited to share that Microsoft has been rated "Outstanding in Functionality" in the KuppingerCole Market Compass for Secure Collaboration, May 2022. Microsoft was also the only company to be awarded the highest possible score of "Strong Positive" in all five categories: security,...

KuppingerCole rates Microsoft as outstanding in functionality for secure collaboration

We are excited to share that Microsoft has been rated "Outstanding in Functionality" in the KuppingerCole Market Compass for Secure Collaboration, May 2022. Microsoft was also the only company to be awarded the highest possible score of "Strong Positive" in all five categories: security,...

CVE-2021-32966

Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are vulnerable to clear text transmission of sensitive information when configured to use LDAP via TLS and where the domain controller returns LDAP referrals, which may allow an attacker to remotely read LDA...

CVE-2021-32966

Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are vulnerable to clear text transmission of sensitive information when configured to use LDAP via TLS and where the domain controller returns LDAP referrals, which may allow an attacker to remotely read LDA...

Design/Logic Flaw

Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are vulnerable to clear text transmission of sensitive information when configured to use LDAP via TLS and where the domain controller returns LDAP referrals, which may allow an attacker to remotely read LDA...

CVE-2021-32966 Philips Interoperability Solution XDS - Clear Text Transmission of Sensitive Information

Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are vulnerable to clear text transmission of sensitive information when configured to use LDAP via TLS and where the domain controller returns LDAP referrals, which may allow an attacker to remotely read LDA...

CVE-2021-32966

The CVE-2021-32966 issue affects Philips Interoperability Solution XDS (versions 2.5–3.11 and 2018-1–2021-1). It describes clear text transmission of sensitive information when LDAP is used over TLS and the LDAP domain controller returns referrals, potentially allowing an attacker to remotely rea...

CVE-2021-32966 Philips Interoperability Solution XDS - Clear Text Transmission of Sensitive Information

Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are vulnerable to clear text transmission of sensitive information when configured to use LDAP via TLS and where the domain controller returns LDAP referrals, which may allow an attacker to remotely read LDA...

Cesanta MJS has an unspecified vulnerability (CNVD-2022-77023)

Cesanta MJS is an embedded JavaScript engine for C/C from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are small footprint and simple C/C interoperability.Cesanta MJS has a security vulnerability that could be exploited by an attacker to cause...