MAL-2022-5662 Malicious code in react-optimization (npm)
Source: ghsa-malware (6b90d112d4cf18b4911d3ade2a096e55ec822a1fed4f5396dac601a658618bda). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MGASA-2022-0234 Updated php packages fix security vulnerability
CLI - Fixed bug 8575 CLI closes standard streams too early. Core - Fixed Haiku ZTS builds. Date - Fixed bug 8471 Segmentation fault when converting immutable and mutable DateTime instances created using reflection. php-fpm - Fixed bug 72185 writes empty fcgi record causing nginx 502. Mysqlnd - Fixed...
GHSA-3PP4-64MP-9CG9 Memory Safety Issue when using `patch` or `merge` on `state` and assign the result back to `state`
Affected versions of this crate maintain references to memory that might have been freed already. It affects the following two tremor-script language constructs: A Merge where we assign the result back to the target expression and the expression to be merged needs to reference the event: let sta...
Identifying Cloud Waste to Contain Unnecessary Costs
Cloud adoption has exploded over the past decade or so, and for good reason. Many digital transformation advancements – and even the complete reimagination of entire industries – can be directly mapped and attributed to cloud innovation. While this rapid pace of innovation has had a profound impa...
Amazon Linux 2 : microcode_ctl (ALAS-2022-1800)
The version of microcode_ctl installed on the remote host is prior to 2.1-47. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1800 advisory. A flaw was found in hw. Processor optimization removal or modification of security-critical code for some Intel(R) processors may...
Be Proactive! Shift Security Validation Left
The "shifting security left" approach in the Software Development Life Cycle (SDLC) means starting security earlier in the process. As organizations realized that software never comes out perfectly and is riddled with many exploitable holes, bugs, and business logic vulnerabilities that require going back...
Creativeitem Academy-LMS Cross-Site Scripting Vulnerability
Creativeitem Academy-LMS is an online learning platform from Creativeitem, Inc. A cross-site scripting vulnerability exists in Creativeitem Academy-LMS v4.3, which stems from a lack of data validation filtering of user-supplied data and output in the SEO panel. An attacker could exploit this...
CVE-2022-0307
Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...
DEBIAN-CVE-2022-21151
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access...
Information disclosure
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2022-21151
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access...
NewStart CGSL MAIN 6.02 : sqlite Multiple Vulnerabilities (NS-SA-2022-0052)
The remote NewStart CGSL host, running version MAIN 6.02, has sqlite packages installed that are affected by multiple vulnerabilities: - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434) - In SQLite before 3.32.3, select.c mishandles query-flattener...
F5 Access for Android Information Disclosure Vulnerability
F5 Access is a US-based company that uses VPN and optimization technologies to protect and accelerate mobile device access to enterprise networks and applications. F5 Access for Android is vulnerable to an information disclosure vulnerability that could be exploited by attackers to gain access to...
USU Oracle Optimization Command Injection Vulnerability
USU Oracle Optimization is used to improve the performance of Oracle queries. A command injection vulnerability exists in versions of USU Oracle Optimization prior to 5.17.5. The vulnerability stems from the fact that some common OS commands are blocked, but OS commands for base64 decoding are not...
USU Oracle Optimization Deserialization Vulnerability
USU Oracle Optimization is used to improve Oracle query performance. A deserialization vulnerability exists in versions of USU Oracle Optimization prior to 5.17, which originates from the Java deserialization of /v2/quantum/save-data-upload-big-file, and an attacker can exploit this vulnerability ...
USU Oracle Optimization Licensing Issue Vulnerability
USU Oracle Optimization is used to improve the performance of Oracle queries. USU Oracle Optimization versions prior to 5.17.5 have an authorization issue vulnerability that stems from a lack of Polkit authentication, which can be exploited by an attacker to achieve root user access via pkexec...
USU Oracle Optimization Information Disclosure Vulnerability
USU Oracle Optimization is used to improve Oracle query performance. Versions prior to USU Oracle Optimization 5.17.5 contain an information disclosure vulnerability that could be exploited by an attacker to discover quantum credentials via a proxy installer download...