67 matches found
CVE-2023-25575: Secured properties may be accessible within collections
Impact Resource properties secured with the security option of the ApiPlatform\Metadata\ApiProperty attribute can be disclosed to unauthorized users. The problem affects most serialization formats, including raw JSON, which is enabled by default when installing API Platform. Custom serialization...
api-platform/core's secured properties may be accessible within collections
API Platform Core is the server component of API Platform: hypermedia and GraphQL APIs. Resource properties secured with the security option of the ApiPlatform\Metadata\ApiProperty attribute can be disclosed to unauthorized users. The problem affects most serialization formats, including raw JSON...
Introducing Microservices Patterns with Spring Integration
Hey Spring Community! I hope you are enjoying Spring One Essentials these days. The most exciting feature for me is an Observability which is spread throughout the Spring portfolio from now on. Nevertheless, today I’d like to share with a project I’m working on since holidays, where the mentioned...
Introducing Microservices Patterns with Spring Integration
Hey Spring Community! I hope you are enjoying Spring One Essentials these days. The most exciting feature for me is an Observability which is spread throughout the Spring portfolio from now on. Nevertheless, today I’d like to share with a project I’m working on since holidays, where the mentioned...
Malicious code in amount-normalizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d09735973491e8bc50b7327031ed78e899206756947f1e87796071689767917d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-974 Malicious code in amount-normalizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d09735973491e8bc50b7327031ed78e899206756947f1e87796071689767917d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
OracleRef assumes backup oracle uses the same normalizer as main oracle
Lines of code Vulnerability details Impact The OracleRef assumes that the backup oracle uses the same normalizer as the main oracle. This generally isn't the case as it could be a completely different oracle, not even operated by Chainlink. If the main oracle fails, the backup oracle could be...
CVE-2021-34793
A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This...
CVE-2021-34793
CVE-2021-34793 is a DoS vulnerability in Cisco ASA/FTD software (transparent mode) due to improper handling of certain TCP segments by the TCP Normalizer, allowing an unauthenticated remote attacker to poison MAC address tables and disrupt networks. Affected products include Cisco ASA and Cisco F...
CVE-2021-34793 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability
A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This...
CVE-2021-34793 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability
A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This...
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability
A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This...
PT-2021-5001 · Cisco · Cisco Asa +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software affected versions not specified Description: A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat...
Malicious Package
Overview arabic-normalizer is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Cisco ASA Software TCP Normalizer Denial of Service Vulnerability (cisco-sa-20170419-asa-norm)
A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause Cisco ASA to drop any further incoming traffic on all interfaces, resulting in a denial of service (DoS) condition. Copyright (C) 2017 Greenbone Networks Gm...
Cisco ASA Software and Cisco FTD Software TCP Normalizer Denial of Service Vulnerability
A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause Cisco ASA and FTD to drop any further incoming traffic on all interfaces, resulting in a denial of servi...
Suricata IDPE 2.0.3 - Open Source Next Generation Intrusion Detection and Prevention Engine
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. OISF is part of and funded by the Department of...
Fedora 16 : java-1.6.0-openjdk-1.6.0.0-67.1.11.3.fc16 (2012-9545)
Security fixes S7079902, CVE-2012-1711: Refine CORBA data models S7110720: Issue with vm config file loading S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. S7143614, CVE-2012-1716: SynthLookAndFeel...
Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002
The remote host is missing Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002. SPDX-FileCopyrightText: 2010 LSS Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002
The remote host is missing Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002. One or more of the following components are affected: AppKit Application Firewall AFP Server Apache ClamAV CoreAudio CoreMedia CoreTypes CUPS curl Cyrus IMAP Cyrus SASL DesktopServices Disk Images Directory...