SUSE: Security Advisory (SUSE-SU-2023:3739-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:3731-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability relates to the set of tools and libraries used for creating, importing, and exporting 3D models with the Autodesk FBX SDK. It stems from the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of the tools and libraries used for creating, importing, and exporting 3D models in the Autodesk FBX SDK is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created FBX file...

Malicious code in cloud-message-sdks (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 479df48e71ae41e05b71f56e47a5a0a444e5992d40ed13730baf980dd5d3e7ef Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

nodejs:16 security update

An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

nodejs:18 security update

An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

SUSE: Security Advisory (SUSE-SU-2023:3495-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-39521

CVE-2023-39521 affects Tuleap, where content in the Kanban and PV2 apps’ card fields is not properly escaped. The issue can be triggered when an agile dashboard administrator deletes a kanban with a malicious label, potentially allowing uncontrolled code execution. Affected products/versions: Tul...

CVE-2023-39521 Tuleap vulnerable to Cross-site Scripting on the success message of a kanban deletion

Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 14.11.99.28 and Tuleap Enterprise Edition prior to versions 14.10-6 and 14.11-3, content displayed in the "card fields" visible in the kanban and PV2 apps ...

CVE-2023-38508

Summary: CVE-2023-38508 affects Tuleap: Community Edition < 14.11.99.28 and Enterprise Edition < 14.10-6,

SUSE: Security Advisory (SUSE-SU-2023:3398-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EMUI 安全漏洞

SIMATIC Cloud Connect 7 is an IoT gateway for connecting programmable logic controllers to cloud services and allows field devices with an OPC UA server interface to be connected as OPC UA clients.SIMATIC Drive Controllers are designed for the automation of production machines and combine the...

Intel PSR Code Issue Vulnerability

Intel PSR is a management and security status application from IntelR Corporation. A security vulnerability exists in IntelR PSR SDK versions prior to 1.0.0.20. An attacker can exploit the vulnerability to elevate privileges...

Intel AMT SDK Security Vulnerability

Intel AMT SDK is an IntelR development kit for providing basic development capabilities for Active Management Technology AMT. A security vulnerability exists in IntelR AMT and IntelR Standard Manageability that originates from incorrect input validation. An attacker could exploit the vulnerabilit...

SUSE: Security Advisory (SUSE-SU-2023:3239-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:3232-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: nodejs:18 security, bug fix, and enhancement update

An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Zoom Client Security Vulnerability

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability exists in the Zoom Client SDK prior to version 5.15.5 that stems from an issue with the exposure of sensitive information...

Zoom Client Security Vulnerability

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability exists in the Zoom Client SDK prior to version 5.14.10 that stems from an improper input validation issue...

2022 Top Routinely Exploited Vulnerabilities

SUMMARY The following cybersecurity agencies coauthored this joint Cybersecurity Advisory CSA: United States: The Cybersecurity and Infrastructure Security Agency CISA, National Security Agency NSA, and Federal Bureau of Investigation FBI Australia: Australian Signals Directorate’s Australian Cyb...