18 matches found
EUVD-2023-47237
Malicious code in bioql PyPI...
Design/Logic Flaw
Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerable component is Kyverno's Notary verifier. An attacker would need control over the registry from which Kyverno would fetch...
CVE-2023-42815 Denial of service from malicious image manifest in kyverno
Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyverno's Notary verifier. An attacker would need control over the registry from which Kyverno would fetch...
CVE-2023-42816 Denial of service from malicious signature in kyverno
Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyverno's Notary verifier. An attacker would need control over the registry from which Kyverno would fetch...
CVE-2019-9011
creationtimestamp | type | source
---|---|---
2022-12-26 22:40:55+00:00 | seen | https://t.me/cibsecurity/55364
2026-03-17 12:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01...
Heap overflow
Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release...
CVE-2022-1253
Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release...
WordPress Information Disclosure Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress 5.8 beta had an information disclosure vulnerability that could be exploited by an attacke...
SUSE-SU-2020:3514-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: - Updated Intel CPU Microcode to 20201118 official release. bsc1178971 - Removed TGL/06-8c-01/80 due to functional issues with some OEM platforms. - CVE-2020-8695: Fixed Intel RAPL sidechannel attack SGX INTEL-SA-00389 bsc1170446 -...
SUSE-SU-2019:3090-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: - Updated to 20191115 official security release bsc1157004...
Tor Browser for Android — First Official App Released On Play Store
Wohooo! Great news for privacy-focused users. Tor Browser, the most popular privacy-focused browser, for Android is finally out of beta, and the first stable version has now arrived on Google Play Store for anyone to download. The Tor Project announced Tuesday the first official stable release of...
Code Execution Vulnerability in Frontend of zzzcms V1.5.8 Official Version
zzcms is a free and open source site-building system aimed mainly at webmasters. The official release of zzzcms V1.5.8 has a code execution vulnerability in its frontend; an attacker can use the vulnerability to obtain control of the web server...
Epic Games Fortnite for Android–APK Downloads Leads to Malware
Given Fortnite's current popularity and craziness across the globe, we understand if you have been searching the web for download links to Fortnite APK for Android phone. However, you are not alone, thousands of people out there are also searching tutorials and links for, "how to install Fortnite...
CVE-2017-8833
Zen Cart 1.6.0 has XSS in the mainpage parameter to index.php. NOTE: 1.6.0 is not an official release but the vendor's README.md file offers a link to v160.zip with a description of "Download latest in-development version from github."...
Following in Google's footsteps, Samsung fixes high-risk Galaxy vulnerabilities - vulnerability warning - the black bar safety net
This month Samsung released its latest round of bug fixes, which contains patches for arbitrary code execution, memory error, and factory reset protection / reactivation lock (FRP/RL) vulnerabilities. The official Google fix Galaxy vulnerability With this update, the official total fix for Galaxy devices...
Windows 10 to deliver updates and App downloads via Peer-to-Peer Technology
Does downloading Windows updates from Microsoft's servers and waiting too long really annoy you? It might not be with the arrival of Windows 10. Microsoft seems to make a major change in Windows 10 to the way it delivers updates for the software. The leaked version of Windows 10 build 10036 the...
Crlf injection
CRLF injection vulnerability in index.php in Drake CMS 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the lang parameter. NOTE: Drake CMS has only a beta version available, and the vendor has previously stated "We d...
Directory traversal
Directory traversal vulnerability in 404.php in Drake CMS allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dprivate parameter. NOTE: some of these details are obtained from third party information. NOTE: Drake CMS has only a beta version...