19 matches found
EUVD-2023-57920
Malicious code in bioql PyPI...
EUVD-2023-36606
Malicious code in bioql PyPI...
EUVD-2025-16419
Malicious code in bioql PyPI...
EUVD-2023-44974
Malicious code in bioql PyPI...
Wyse Management Suite WMS Information Disclosure Vulnerability
Wyse Management Suite WMS is a cloud and local management platform from Dell, Inc. It is used to centrally manage Wyse lightweight endpoint devices and supports remote configuration, firmware updates, security policy management and other features. An information disclosure vulnerability exists in...
CVE-2022-32896
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. A user may be able to view sensitive user information...
Securing AI Innovation: Enterprise Strategies for LLM and Generative AI Security
The adoption of Large Language Models LLMs and Generative AI is revolutionizing enterprise operations, delivering unmatched innovation, efficiency, and competitive advantage. However, this rapid integration brings significant AI security challenges that organizations must address. Insights from...
CVE-2023-5627
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. This vulnerability arises from the incorrect implementation of sensitive information protection, potentially allowing malicious users to gain unauthorized access to the web service...
CVE-2023-5627 Incorrect Implementation of Authentication Algorithm Vulnerability
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. This vulnerability arises from the incorrect implementation of sensitive information protection, potentially allowing malicious users to gain unauthorized access to the web service...
CVE-2023-5627 Incorrect Implementation of Authentication Algorithm Vulnerability
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. This vulnerability arises from the incorrect implementation of sensitive information protection, potentially allowing malicious users to gain unauthorized access to the web service...
Leverage cloud-powered security with Microsoft Defender for IoT
Traditionally, operational technology OT and IT have occupied separate sides of enterprise security. But with digital transformation and the advent of Industry 4.0, the old, siloed approach is showing its age.1 The rise of manufacturing execution systems has enabled more “smart factories” to...
SUSE-SU-2022:4642-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.38.3: - CVE-2022-42856: Fixed a potential arbitrary code execution when processing maliciously crafted web content bsc1206474. - CVE-2022-42852: Fixed disclosure of process memory by improved memory handling. -...
MGASA-2018-0343 Updated chromium-browser-stable packages fix security vulnerabilities
Chromium-browser 68.0.3440.106 fixes security issues: Multiple flaws were found in the way Chromium 67.0.3396.87 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information...
Passit: Insecure Account Removal
Hi Team, The removal of account is one of the sensitive part of a web application that needs to protect, therefor removing an account should validate the authenticity of the legitimate user. Scenario: =============== The user logins to a shared computer office, library, cafe Left the account open...
SUSE-SU-2016:0636-1 Security update for java-1_7_0-ibm
This update for java-170-ibm fixes the following issues by updating to 7.0-9.30 bsc963937: - CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances - CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack wh...
FanFootage: Reporting Bugs
1This page allows visitors to upload files to the server. Various web applications allow users to upload files such as pictures, images, sounds, .... Uploaded files may pose a significant risk if not handled correctly. A remote attacker could send a multipart/form-data POST request with a...
Low: Red Hat Security Advisory: abrt, libreport, btparser, and python-meh security and bug fix update
Updated abrt, libreport, btparser, and python-meh packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores,...
File inputs can disclose the path to selected files
When a file is selected in a file upload input, the path to that file is not exposed through the input's value property. This is done to protect any sensitive information which may be contained in the directory names. When manipulated by DOM this information should also not be exposed. Certain DO...
Office 2010 1025
Office 2010 1025...