PT-2024-29946 · Zoom · Zoom Sdks +3

Name of the Vulnerable Software and Affected Versions: Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers affected versions not specified Description: A buffer overflow issue may allow an authenticated user to conduct a denial of service via network access. This issue affects some Zo...

PT-2024-28685 · Zoom · Zoom Sdks +3

Name of the Vulnerable Software and Affected Versions: Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers affected versions not specified Description: The issue allows a privileged user to conduct an information disclosure via network access. This is related to sensitive information...

SUSE: Security Advisory (SUSE-SU-2024:2868-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Education in Secure Software Development

The Linux Foundation and OpenSSF released a report on the state of education in secure software development. …many developers lack the essential knowledge and skills to effectively implement secure software development. Survey findings outlined in the report show nearly one-third of all...

SUSE: Security Advisory (SUSE-SU-2024:2681-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Spring Tips: Spring Security method security with special guest Rob Winch

Hi, Spring fans! In this installment I have special guest Spring Security lead Rob Winch give us a master class in how the method security support works and some of its new features. Come for the security, stay for the incredible opportunity to look over a senior engineer's shoulders as he explai...

SUSE: Security Advisory (SUSE-SU-2024:2589-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-39902 Tuleap's recursive permissions to document manager folder are not properly applied

Tuleap is an open source suite to improve management of software developments and collaboration. Prior to Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8, the checkbox "Apply same permissions to all sub-items of this folder" in the document manager permissio...

The vulnerability of the Outside In Core component within Oracle’s software development kit (SDK) allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Outside In Core component in Oracle’s software development toolset SDK exists due to insufficient testing of input data. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of the JT Open Toolkit (JTTK) and PLM XML SDK development tools arises from the possibility of an operation exceeding the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the JT Open Toolkit JTTK and PLM XML SDK development tools is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created malicious XML file...

ALSA-2024:4563 Important: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK: Excessiv...

CVE-2024-27241

Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a denial of service via network access...

CVE-2024-39819

Integrity check in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access...

The vulnerability of the Azure Kinect SDK development software package, related to numerical truncation errors, allows a hacker to execute arbitrary code.

The vulnerability of the Azure Kinect SDK development software package for sensor development is related to numerical truncation errors. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

SUSE: Security Advisory (SUSE-SU-2024:2371-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:2361-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Azure Security Vulnerabilities

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from Microsoft Corporation USA. A security vulnerability exists in the Microsoft Azure Kinect SDK. An attacker exploiting the vulnerability could remotely execute code...

PT-2024-5107 · Zoom · Zoom

Name of the Vulnerable Software and Affected Versions: Zoom affected versions not specified Description: The issue is related to insufficient input validation in some Zoom Apps and SDKs, which may allow an authenticated user to conduct a denial of service via network access. This could potentiall...

Realtek AP-Router SDK Security Vulnerability

Realtek AP-Router SDK is a software package for wireless chipsets from Realtek Semiconductor Realtek, a Chinese company. A security vulnerability exists in the Realtek AP-Router SDK that originates from a stack-based buffer overflow vulnerability in the boa setRadvdPrefixParam function, which can...

SUSE: Security Advisory (SUSE-SU-2024:2298-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...