11 matches found
EUVD-2016-1521
Malware in sbrugna...
EUVD-2016-1516
Malware in sbrugna...
Sailing Securely Across the SDLC: Introducing Wiz's Image Trust and Kubernetes Audit Log Collector
Secure your applications across the SDLC by deploying only trusted images and monitoring your Kubernetes control plane in near-real time to detect potential threats...
Elevate Your Cybersecurity with Imperva Cloud WAF: More Than Just a Checkbox
In the world of digital modernization, having a web application firewall WAF isnt an option - its a necessity. But in the endless sea of security solutions, how do you choose the right one? How do you ensure that youre not merely checking a box, but genuinely fortifying your digital fortress? Whi...
Misuse of `Reference` and other transferable APIs may lead to access to nodejs isolate
Versions of isolated-vm before v4.0.0, and especially before v3.0.0, have API pitfalls which may make it easy for implementers to expose supposed secure isolates to the permissions of the main nodejs isolate. Reference objects allow access to the underlying reference's full prototype chain. In an...
GHSA-MMHJ-4W6J-76H7 Misuse of `Reference` and other transferable APIs may lead to access to nodejs isolate
Versions of isolated-vm before v4.0.0, and especially before v3.0.0, have API pitfalls which may make it easy for implementers to expose supposed secure isolates to the permissions of the main nodejs isolate. Reference objects allow access to the underlying reference's full prototype chain. In an...
Asylo Open-Source Framework Tackles TEEs for Cloud
Asylo, an open-source framework and software development kit SDK for creating applications that run in trusted execution environments TEEs, has launched to tackle the complexity involved in running a confidential computing platform for workloads in the cloud and virtual environments. TEEs provide...
Stack overflow
In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications...
CVE-2016-10337
In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed...
CVE-2016-10332
In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications...
Privilege escalation
The high level operating systems HLOS was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment QSEE only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...