NeuVector process with sensitive arguments lead to leakage

Impact When a Java command with password parameters is executed and terminated by NeuVector for Process rule violation. For example, java -cp /app ... Djavax.net.ssl.trustStorePassword= The command with the password appears in the NeuVector security event. To prevent this, NeuVector uses the...

CVE-2021-28692

inappropriate x86 IOMMU timeout detection / handling IOMMUs process commands issued to them in parallel with the operation of the CPUs issuing such commands. In the current implementation in Xen, asynchronous notification of the completion of such commands is not used. Instead, the issuing CPU...

Google Chrome ProcessCommandsInternal Function Denial of Service Vulnerability

Google Chrome is a web browsing tool developed by Google. A denial of service vulnerability exists in the function ProcessCommandsInternal in dec/decode.c within Brotli in versions of Google Chrome prior to 48.0.2564.109, which can cause a denial of service by a remote attacker with data compress...

DEBIAN-CVE-2016-1624

Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via crafted data with brotli compression...

CuteNews 1.4.6 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that exploits for some of the issues may...