GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Prior to GitLab CE/EE 18.8.4, there was a security vulnerability. This...

IBM Security Guardium Path Traversal Vulnerability (CNVD-2024-0117144)

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A path traversal vulnerability exists in IBM Security...

SUSE CVE-2011-2646

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename in the list of testdrive modified files...

Security Bulletin: A vulnerability in Java SE affects IBM Control Center (CVE-2021-2369)

Summary A flaw in the JAR validation implementation may, under certain limited circumstances, lead to a failure to detect signedJAR files that have been modified. The fix ensures that JARs that have been modified since they were signed are properly detected and treated asunsigned. Vulnerability...

Input validation

An issue was discovered in Foxit PhantomPDF before 8.3.10. It allows signature validation bypass via a modified file or a file with non-standard signatures...

Struts2 remote code execution vulnerability(S2-0 1 3) temporary solutions-vulnerability warning-the black bar safety net

Struts2 again broke remote code execution vulnerability, specifically as detailed in the Struts2 remote code execution vulnerability analysisS2-0 1 3 of The following is the LH Team out of a temporary solution: Modified files: org. apache. struts2. views. util. DefaultUrlHelper 2 8 1–2 8 4 lines:...

Code injection

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename in the list of testdrive modified files...

Code injection

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted archive name in the list of testdrive modified files...

CVE-2011-2647

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted archive name in the list of testdrive modified files...

Дырка в pico

Проблема символьных линков при сохранении измененных файлов...

Security Update for Microsoft SharePoint Server 2019 Core (KB5002825) farm-deployment

A security vulnerability exists in Microsoft SharePoint Server 2019 Core that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

Security Update for Microsoft Office 2016 (KB5002838) 64-Bit Edition

A security vulnerability exists in Microsoft Office 2016 64-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...