266 matches found
DEBIAN-CVE-2023-52741
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix use-after-free in rdata-readintopages When the network status is unstable, use-after-free may occur when read data from the server. BUG: KASAN: use-after-free in readpagesfillpages+0x14c/0x7e0 Call Trace:...
UBUNTU-CVE-2023-52741
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix use-after-free in rdata-readintopages When the network status is unstable, use-after-free may occur when read data from the server. BUG: KASAN: use-after-free in readpagesfillpages+0x14c/0x7e0 Call Trace:...
CVE-2024-5098
A vulnerability has been found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public...
python-into-dbus-python bug fix and enhancement update
An update is available for python-into-dbus-python. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
CVE-2023-39495
PDF-XChange Editor readFileIntoStream Exposed Dangerous Function Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that t...
into-highschool.nl Improper Access Control vulnerability OBB-3922310
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-48251
The vulnerability allows a remote attacker to authenticate to the SSH service with root privileges through a hidden hard-coded account...
Medium: python-cryptography
Issue Overview: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects su...
Manage Enterprise Risk at Scale with a Unified, Holistic Approach
The rapid pace of technological change and the attendant rise of cyber threats in both speed and number leave most organizations at a disadvantage. Historically, many firms faced this challenge simply by purchasing more technology in the hopes that the latest threat protection software would keep...
python-cryptography: memory corruption via immutable objects
A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...
python-cryptography: memory corruption via immutable objects
A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...
python-cryptography: memory corruption via immutable objects
A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...
python-cryptography: memory corruption via immutable objects
A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...
python-cryptography: memory corruption via immutable objects
A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...
3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage
In today's fast-paced digital landscape, the widespread adoption of AI Artificial Intelligence tools is transforming the way organizations operate. From chatbots to generative AI models, these SaaS-based applications offer numerous benefits, from enhanced productivity to improved decision-making...
intothyword.org Cross Site Scripting vulnerability OBB-3422896
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The vulnerability of the Cipher.update_into function in the Python programming language-based cryptography interpreter allows a attacker to compromise the integrity and accessibility of the output data.
The vulnerability of the Cipher.updateinto function in the Python programming language’s cryptographic library is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor to compromise the integrity and accessibility of the...
SUSE CVE-2006-7224
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All CVE users should consult CVE-2006-7227, CVE-2005-4872, and...
SUSE CVE-2013-4349
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4540. Reason: This candidate was MERGED into CVE-2012-4540, since it was later discovered that it affected an additional version, but it does not constitute a regression error. Notes: All CVE users should reference CVE-2012-4540 instead of th...
PYSEC-2023-11
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...