359 matches found

BDU FSTEC
added 2022/10/31 12:00 a.m. | 2 views

The vulnerability of the Apache Linkis application connection, management, and orchestration software lies in the recovery of unreliable data in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Apache Linkis application programming interface for connecting, managing, and orchestrating applications is related to the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 9 | AI score 8 | EPSS 0.014
Exploits 0 | References 3 | Affected Software 1

BDU FSTEC
added 2022/09/21 12:00 a.m. | 1 view

The vulnerability of the Core Telephony framework in operating systems such as Mac OS, iOS, iPadOS, and watchOS allows attackers to circumvent security restrictions.

The vulnerability of the Core Telephony framework in operating systems such as Mac OS, iOS, iPadOS, and watchOS relates to the restoration of unreliable data in memory. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions remotely...

CVSS 7.8 | AI score 7.4 | EPSS 0.00722
Exploits 0 | References 9 | Affected Software 4

BDU FSTEC
added 2022/09/02 12:00 a.m. | 1 view

The vulnerability of the JMX data management platform of Apache Geode allows an attacker to execute arbitrary code.

The vulnerability of the JMX data management platform of Apache Geode involves the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10 | AI score 8 | EPSS 0.00243
Exploits 0 | References 2 | Affected Software 1

BDU FSTEC
added 2022/08/04 12:00 a.m. | 2 views

The vulnerability in the function of stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java of the Jenkins Automation Server component allows a hacker to execute arbitrary code.

The vulnerability in the stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java file of the Jenkins Automation Server’s Stapler component relates to the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10 | AI score 7.6 | EPSS 0.94485
Exploits 5 | References 7 | Affected Software 2

BDU FSTEC
added 2022/08/02 12:00 a.m. | 1 view

The vulnerability of the application development environment for ISaGRAF Workbench’s programmable logic controllers allows a hacker to execute arbitrary code by restoring unreliable data in memory.

The vulnerability of the development environment for ISaGRAF Workbench programmable logic controllers is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVSS 8.6 | AI score 7.5 | EPSS 0.00136
Exploits 0 | References 2 | Affected Software 1

BDU FSTEC
added 2022/07/25 12:00 a.m. | 1 view

The vulnerability of the software responsible for creating, monitoring, and orchestrating data processing scripts in Airflow lies in its ability to restore unreliable data structures in memory, allowing an attacker to execute arbitrary code or cause service failures.

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow is related to the restoration of unreliable data structures in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures...

CVSS 10 | AI score 8.2 | EPSS 0.05664
Exploits 0 | References 3 | Affected Software 1

BDU FSTEC
added 2022/07/21 12:00 a.m. | 4 views

The vulnerability of the Spring Framework configuration implementation for microprogramming sensors for monitoring the Keysight N6841A RF device and the Keysight N6854A geolocation sensors allows a perpetrator to execute arbitrary code.

The vulnerability of the Spring Framework configuration for microprogramming sensors for monitoring Keysight N6841A RF devices, as well as the microprogramming software for geolocation systems from Keysight N6854A, lies in the recovery of unreliable data structures in memory. Exploiting this...

CVSS 10 | AI score 8.2 | EPSS 0.01035
Exploits 0 | References 7 | Affected Software 2

BDU FSTEC
added 2022/07/13 12:00 a.m. | 2 views

The vulnerability of the SIMATIC Energy Manager Basic and SIMATIC Energy Manager PRO software lies in the ability to restore unreliable data in memory, allowing a perpetrator to execute arbitrary code.

The vulnerability of the SIMATIC Energy Manager Basic and SIMATIC Energy Manager PRO software lies in the ability to restore unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10 | AI score 8.4 | EPSS 0.33344
Exploits 0 | References 2

OSV
added 2022/07/05 11:15 a.m. | 47 views

CVE-2022-2097

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption...

CVSS 5.3 | AI score 1.6
Exploits 0 | References 13

Citrix
added 2022/06/23 8:06 p.m. | 89 views

Citrix Hypervisor Security Update

A security issue has been identified in Citrix Hypervisor 7.1 LTSR CU2 that may allow privileged code in a PV guest VM to compromise the host. Citrix believes that there would be significant complexity in performing this attack in Citrix Hypervisor. The issue has the following CVE identifier:...

CVSS 6.9 | AI score 2.6 | EPSS 0.00536
Exploits 0

BDU FSTEC
added 2022/05/17 12:00 a.m. | 2 views

The vulnerability of the Hazelcast platform, a software product for data processing, in the Atlassian Bitbucket Data Center allows a perpetrator to execute arbitrary code.

The vulnerability of the Hazelcast platform, a software product for data processing, in the Atlassian/Bitbucket Data Center environment, relates to the restoration of unreliable data in memory. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...

CVSS 10 | AI score 7.8 | EPSS 0.81388
Exploits 4 | References 5 | Affected Software 1

BDU FSTEC
added 2022/05/11 12:00 a.m. | 2 views

The vulnerability of the Jenkins automation server, related to the restoration of unreliable data in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Jenkins automation server relates to the restoration of unreliable data in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code by sending a serialized Java object called SignedObject to the Jenkins CLI...

CVSS 10 | AI score 7.8 | EPSS 0.94479
Exploits 36 | References 7 | Affected Software 2

BDU FSTEC
added 2022/04/04 12:00 a.m. | 1 view

The vulnerability of the software for designing and configuring the Connected Components Workbench (CCW) from Rockwell Automation, related to the restoration of unreliable data in memory, allows a hacker to execute arbitrary code.

The vulnerability of the software used for designing and configuring the Connected Components Workbench CCW from Rockwell Automation lies in the ability to restore unreliable data in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVSS 8.6 | AI score 7.9 | EPSS 0.00205
Exploits 0 | References 4 | Affected Software 1

CNNVD
added 2022/03/18 12:00 a.m. | 4 views

Adobe Acrobat Reader DC buffer error vulnerability

Adobe Acrobat Reader DC is a PDF reading tool from Adobe USA. Adobe Acrobat Reader DC versions 21.007.20099 and earlier, 20.004.30017 and earlier, and 17.011.30204 and earlier contain a buffer error vulnerability that stems from the fact that the vulnerability stems from a networked system or...

CVSS 9.3 | AI score 6.5 | EPSS 0.02687
Exploits 0 | References 3

NCSC
added 2022/03/09 12:00 a.m. | 4 views

Vulnerability fixed in AMD processors

AMD has fixed a vulnerability with reference CVE-2021-26401 for the Ryzen and Athlon processors. This vulnerability has the same cause as the vulnerability known as Spectre, with attribute CVE-2017-5717. This vulnerability allows a malicious party to obtain sensitive data from the memory of a loc...

CVSS 7.8 | AI score 6.4 | EPSS 0.00218
Exploits 8

BDU FSTEC
added 2022/02/01 12:00 a.m. | 3 views

The vulnerability of the Chart component in the SolarWinds Patch Manager software allows a hacker to execute arbitrary code by restoring unreliable data in memory.

The vulnerability of the Chart component in the SolarWinds Patch Manager software involves the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 8.9 | AI score 8 | EPSS 0.14883
Exploits 0 | References 4 | Affected Software 1

Talos Blog
added 2022/01/25 9:31 a.m. | 20 views

Vulnerability Spotlight: Vulnerability in Apple iOS, iPad OS and MacOS could lead to disclosure of sensitive memory data

Jaewon Min of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered an out-of-bounds read vulnerability in Apple’s macOS and iOS operating systems that could lead to the disclosure of sensitive memory content. An attacker could capitalize on that... Th...

AI score 1.8
Exploits 0

BDU FSTEC
added 2021/12/13 12:00 a.m. | 2 views

The vulnerability of the EditResourceControls component in the SolarWinds Patch Manager software allows a hacker to execute arbitrary code.

The vulnerability of the EditResourceControls component in the SolarWinds Patch Manager software relates to the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 8.9 | AI score 8 | EPSS 0.73259
Exploits 0 | References 4 | Affected Software 1

AlmaLinux
added 2021/10/19 1:14 p.m. | 33 views

Important: redis:5 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

CVSS 8.8 | AI score 8.6 | EPSS 0.05836
Exploits 0 | References 7

BDU FSTEC
added 2021/10/05 12:00 a.m. | 2 views

The vulnerability of the pickle.load() function in Manuscript software, related to the restoration of unreliable data in memory, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the pickle.load function in software for manuscript writers involves restoring unreliable data in memory. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data, compromise its integrity, and even cause service failures...

CVSS 8.8 | AI score 7.2 | EPSS 0.0075
Exploits 1 | References 4 | Affected Software 2