EUVD-2024-35734

Malicious code in bioql PyPI...

CVE-2024-49355

IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature...

CVE-2024-49355

IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature...

CVE-2024-35117

IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in clear text to the system tracing log files that could be obtained by a privileged user...

PT-2024-26324 · Ibm · Ibm Openpages With Watson

Name of the Vulnerable Software and Affected Versions: IBM OpenPages with Watson version 9.0 Description: The issue allows sensitive information to be written in clear text to the system tracing log files under specific configurations. This information could be obtained by a privileged user...

Security Bulletin: IBM OpenPages may write sensitive information with System tracing enabled (CVE-2024-35117)

Summary IBM OpenPages may write sensitive data to server log files when the 'UI API' tracing is enabled per the System Tracing feature. Vulnerability Details CVEID:CVE-2024-35117 DESCRIPTION: IBM OpenPages may write sensitive information, under specific configurations, in clear text to the system...

Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components

Multiple security vulnerabilities have been disclosed in various applications and system components within Xiaomi devices running Android. "The vulnerabilities in Xiaomi led to access to arbitrary activities, receivers and services with system privileges, theft of arbitrary files with system...

ASB-A-270050064

In multiple functions of multiple files, there is a possible way to bypass the DISALLOWDEBUGGINGFEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

Bpflock - eBPF Driven Security For Locking And Auditing Linux Machines

bpflock - eBPF driven security for locking and auditing Linux machines. Note: bpflock is currently in experimental stage , it may break, options and security semantics may change, some BPF programs will be updated to use Cilium ebpf library. 1. Introduction bpflock uses eBPF to strength Linux...

Dynamic Tracing Tools for Linux: BCC

BCC – BPF Compiler Collection – is a toolkit for creating efficient kernel tracing and manipulation programs, and includes several useful tools and examples. It makes use of eBPF Extended Berkeley Packet Filters, a new feature that was first added to Linux 3.15. Much of what BCC uses requires Lin...