Lucene search
+L

63 matches found

GithubExploit
GithubExploit
added 2024/01/28 8:3 p.m.782 views

Exploit for Deserialization of Untrusted Data in Alibaba Fastjson

json.org CVE-2022-45688 true & false positive WTF ?? The p...

9.8CVSS7.7AI score0.17767EPSS
Exploits9
The Hacker News
The Hacker News
added 2024/01/24 9:1 a.m.42 views

The Unknown Risks of The Software Supply Chain: A Deep-Dive

In a world where more & more organizations are adopting open-source components as foundational blocks in their application's infrastructure, it's difficult to consider traditional SCAs as complete protection mechanisms against open-source threats. Using open-source libraries saves tons of coding...

9.8CVSS7.4AI score0.12661EPSS
Exploits0
Qualys Blog
Qualys Blog
added 2023/10/17 6:46 a.m.26 views

Discover and Assess the Risk of Embedded Open-Source Software (OSS) Vulnerabilities

Runtime Software Composition Analysis with the Qualys Cloud Agent In a blog post published last week, we discussed the importance of managing risk across software developed in-house. A great deal of that risk is introduced by vulnerabilities in open-source packages like Log4Shell, OpenSSL, etc...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/03 11:48 a.m.57 views

Protecting your IT infrastructure with Security Configuration Assessment (SCA)

Security Configuration Assessment SCA is critical to an organization's cybersecurity strategy. SCA aims to discover vulnerabilities and misconfigurations that malicious actors exploit to gain unauthorized access to systems and data. Regular security configuration assessments are essential in...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2023/04/05 12:30 p.m.141 views

Grepmarx - A Source Code Static Analysis Platform For AppSec Enthusiasts

Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and unknown code bases. Features SAST Static Analysis Security Testing capabilities: Multiple languages support: C/C++, C, Go, HTML, Java, Kotlin, JavaScript,...

7.8AI score
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.5 views

SUSE CVE-2009-0906

The Service Component Architecture SCA feature pack for IBM WebSphere Application Server WAS SCA 1.0 before 1.0.0.3 allows remote authenticated users to bypass intended authentication.transport access restrictions and obtain unspecified access via unknown vectors...

6.5CVSS6.7AI score0.01205EPSS
Exploits0References3
OSV
OSV
added 2022/12/15 9:43 a.m.13 views

SUSE-FU-2022:4496-1 Feature update for SCA patterns

This update for SCA patterns fixes the following issues: sca-patterns-base: - Version update from 1.3.1 to 1.5.0 to implement the conversion of SCA Tool to Python3 jscSLE-25064, jscSLE-24335: Convert SCA Tool from Python2 to Python3 bsc1191005, SLE-21579 Added Core.loadFullFile for sectionless...

10CVSS7.2AI score0.99512EPSS
Exploits81References69
NVD
NVD
added 2022/08/24 4:15 p.m.12 views

CVE-2021-4142

The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA simple content access certificate for authentication with Candlepin...

5.5CVSS0.00166EPSS
Exploits0References5
OSV
OSV
added 2022/08/24 4:15 p.m.15 views

CVE-2021-4142

The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA simple content access certificate for authentication with Candlepin...

5.5CVSS9.5AI score0.00166EPSS
Exploits0References5
Prion
Prion
added 2022/08/24 4:15 p.m.9 views

Authentication flaw

The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA simple content access certificate for authentication with Candlepin...

1.7CVSS5.8AI score0.00166EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/06/20 8:12 p.m.7 views

MAL-2022-3835 Malicious code in ing-orange-login-sca-es (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8ead5ed601ba0e5ae4f1c0bb3896d3e65abf85e1407cbed94361b44a0e676793 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:12 p.m.10 views

MAL-2022-3819 Malicious code in ing-app-login-sca-es (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2733895abf197c52df4677d58952c072674d664777a0ff775d6bb7c7b9c59dbf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2022/05/20 12:42 p.m.45 views

Closing the Gap Between Application Security and Observability

Infosec Insiders columnist Daniel Kaar, global director application security engineering at Dynatrace. When it’s all said and done, application security pros may come to look upon the Log4Shell vulnerability as a gift. Potentially one of the most devastating software flaws ever found, Log4Shell...

7.2AI score
Exploits0References3
OSV
OSV
added 2022/03/15 9:12 a.m.13 views

ALBA-2022:0897 subscription-manager bug fix and enhancement update

The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the AlmaLinux entitlement platform. Bug Fixes and Enhancements: Subscription manager sends redundant requests to the server in SCA mode BZ2044349...

7.1AI score
Exploits0
Rockylinux
Rockylinux
added 2022/03/15 9:12 a.m.16 views

subscription-manager bug fix and enhancement update

An update is available for subscription-manager. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The subscription-manager packages provide programs and libraries...

1AI score
Exploits0
AlmaLinux
AlmaLinux
added 2022/03/15 9:12 a.m.23 views

subscription-manager bug fix and enhancement update

The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the AlmaLinux entitlement platform. Bug Fixes and Enhancements: Subscription manager sends redundant requests to the server in SCA mode BZ2044349...

3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2022/01/17 11:33 a.m.31 views

CVE-2021-4142

The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA simple content access certificate for authentication with Candlepin. Mitigation Mitigation for this issue is not available because it doesnt meet the Re...

5.5CVSS1.6AI score0.00166EPSS
Exploits0References3
Rapid7 Blog
Rapid7 Blog
added 2021/11/10 2:26 p.m.13 views

tCell by Rapid7 Supports the Newly Released .NET 6.0

We’re excited to share that we've coordinated our recent .NET and .NET Core agent releases with the brand new .NET 6.0 release from Microsoft. What is tCell? Since the founding of tCell by Rapid7, our web application and API protection solution, we’ve prided ourselves on providing both breadth an...

6.8AI score
Exploits0
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2021:1497-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS7.3AI score0.0054EPSS
Exploits0References4
OSV
OSV
added 2021/05/04 3:16 p.m.9 views

SUSE-SU-2021:1497-1 Security update for sca-patterns-sle11

This update for sca-patterns-sle11 fixes the following issues: - New regular patterns 1 for version 1.3.1 Special Register Buffer Data Sampling aka CrossTalk CVE-2020-0543 bsc1154824...

5.5CVSS6.8AI score0.0054EPSS
Exploits0References3
Rows per page
Query Builder