463 matches found
scap-security-guide bug fix and enhancement update
An update is available for scap-security-guide. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The scap-security-guide project provides a guide for configuratio...
Biggest Crypto Scam Tactics in 2024 and How to Avoid Them
Stay alert to crypto scams with our guide to 2024's top threats, including phishing, malware, Ponzi schemes, and…...
SUSE-SU-2024:4019-1 Security update for SUSE Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter was updated from version 1.0.1 to 1.0.8: - Security issues fixed: CVE-2023-3978: Fixed security bug in x/net dependency in version 1.0.2 bsc1213933 - Bugs fixed: Require Go 1.20 when building for RedHat derivatives...
The Definitive Guide to Linux Process Injection
...
Rails Without Derails: Thwarting Code Injection Attacks
...
scap-security-guide bug fix and enhancement update
An update is available for scap-security-guide. This update affects Rocky Linux 8, Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The scap-security-guide project provides a guide f...
TensorFlow has segfault in array_ops.upper_bound
Impact arrayops.upperbound causes a segfault when not given a rank 2 tensor. Patches We have patched the issue in GitHub commit 915884fdf5df34aaedd00fc6ace33a2cfdefa586. The fix will be included in TensorFlow 2.13. We will also cherrypick this commit in TensorFlow 2.12.1. For more information...
Netscaler CVE & Security Guide
Introduction Begin with an introduction to the main issue topic, explaining its significance and how the hub article serves as a central resource for related information. Overview of the Issue Provide a brief yet comprehensive overview of the issue, outlining the common challenges and key points...
silverstripe/framework allows upload of dangerous file types
Some potentially dangerous file types exist in File.allowedextensions which could allow a malicious CMS user to upload files that then get executed in the security context of the website. We have removed the ability to upload .css, .js, .potm, .dotm, .xltm and .jar files in the default...
XMLUnit for Java has Insecure Defaults when Processing XSLT Stylesheets
Impact When performing XSLT transformations XMLUnit for Java did not disable XSLT extension functions by default. Depending on the XSLT processor being used this could allow arbitrary code to be executed when XMLUnit is used to transform data with a stylesheet who's source can not be trusted. If...
GHSA-CHFM-68VV-PVW5 XMLUnit for Java has Insecure Defaults when Processing XSLT Stylesheets
Impact When performing XSLT transformations XMLUnit for Java did not disable XSLT extension functions by default. Depending on the XSLT processor being used this could allow arbitrary code to be executed when XMLUnit is used to transform data with a stylesheet who's source can not be trusted. If...
scap-security-guide bug fix and enhancement update
An update is available for scap-security-guide. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the SCAP...
Security Notice: Triton Inference Server - November 2023
This notice is regarding Triton Inference Server. Go to NVIDIA Product Security. December 4, 2023: Triton Inference Server is designed for flexibility and allows developers to create and deploy inferencing solutions in various ways. Triton Inference Server enables teams to deploy any AI model fro...
lunigal.fr Cross Site Scripting vulnerability OBB-3786859
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
scap-security-guide bug fix and enhancement update
An update is available for scap-security-guide. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rock...
CVE-2022-46751 Apache Ivy: XML External Entity vulnerability in Apache Ivy
Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy...
August 8, 2023—KB5029304 (Security-only update)
August 8, 2023—KB5029304 Security-only update REMINDER Windows 8.1 reached end of support on January 10, 2023, at which point technical assistance and software updates are no longer provided. If you have devices running Windows 8.1, we recommend upgrading them to a more current, in-service, and...
CISA and Partners Release Joint Guide to Securing Remote Access Software
Today, CISA, Federal Bureau of Investigation FBI, the National Security Agency NSA, Multi-State Information Sharing and Analysis Center MS-ISAC, and the Israel National Cyber Directorate INCD released the Guide to Securing Remote Access Software. This new joint guide is the result of a...
TensorFlow Denial of Service vulnerability
Impact A malicious invalid input crashes a tensorflow model Check Failed and can be used to trigger a denial of service attack. To minimize the bug, we built a simple single-layer TensorFlow model containing a Convolution3DTranspose layer, which works well with expected inputs and can be deployed...
TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`
Impact When the parameter summarize of tf.rawops.Print is zero, the new method SummarizeArray will reference to a nullptr, leading to a seg fault. python import tensorflow as tf tf.rawops.Printinput = tf.constant1, 1, 1, 1,dtype=tf.int32, data = False, False, False, False, False, False, False,...