PT-2023-8561 · Quarkus · Quarkus

Name of the Vulnerable Software and Affected Versions: Quarkus versions prior to 3.5.1 Quarkus versions prior to 3.2.8 LTS Description: A flaw was found in Quarkus, where it does not properly sanitize artifacts created using the Gradle plugin, allowing certain build system information to remain...

Vulnerabilities fixed in Oracle Fusion Middleware

Vulnerabilities have been fixed in Oracle Fusion Middleware. A malicious party can exploit the vulnerabilities exploit them to carry out attacks that can result in the following categories of damage: Denial-of-Service DoS Remote code execution Administrator/Root privileges Access to sensitive dat...

PT-2023-5787 · Acronis · Acronis Cyber Protect 16 +2

Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect Cloud Agent Windows versions before build 35739 Acronis Cyber Protect 16 Windows versions before build 37391 Acronis Agent Windows versions before build 35739 Description: The issue is related to sensitive information...

PT-2023-6102 · D Link · D-Link D-View

Name of the Vulnerable Software and Affected Versions: D-Link D-View versions affected versions not specified Description: The issue is related to the addDv7Probe function and involves improper restriction of XML External Entity XXE references. This allows remote attackers to disclose sensitive...

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Enterprise Edition and Community Edition. A malicious party could exploit them to manipulate projects and be able to cause damage cause damage in the following categories: Bypassing security measure. Remote code execution User rights Spoofing Accessing...

Acronis Agent和Acronis Cyber Protect 安全漏洞

Acronis Agent and Acronis Cyber Protect are both products of Acronis Singapore.Acronis Agent is an agent software.Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise. Combining backup, anti-malware, network security and endpoint management capabilities suc...

CVE-2023-38028

Saho’s attendance devices ADM100 and ADM-100FP have insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication to read system information and operate user's data, but can’t control system or disrupt service...

Vulnerabilities fixed in Sonicwall

SonicWall has fixed vulnerabilities in Global Management System GMS and Analytics. A malicious party could exploit them to launch attacks that could result in the following categories of damage: Manipulation of data. Bypassing authentication Circumvention of security measure Remote code execution...

The vulnerability of AMD’s microprogramming software lies in the lack of protection for service data, which allows attackers to access the memory contents of other users’ processes.

The vulnerability of AMD’s microprogrammed software lies in the lack of protection for system data. Exploiting this vulnerability can allow attackers to access the memory contents of other users’ processes...

PT-2023-4110 · Abb · Abb Ability Zenon

Name of the Vulnerable Software and Affected Versions: ABB Ability zenon versions 11 build through 11 build 106404 Description: A vulnerability exists in the ABB Ability zenon system, allowing low-privileged users to read and update data in various directories. This issue is related to errors in...

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Access to system data Oracle has fixe...

Vulnerabilities fixed in NVIDIA GPU products

Nvidia has fixed vulnerabilities in the drivers and control software of several GPUs. A malicious party could exploit vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS. Manipulation of data Remote code execution Administrator/Root...

Vulnerabilities fixed in IBM Qradar

IBM has fixed vulnerabilities in QRadar. An authenticated malicious party can exploit the vulnerabilities to launch attacks execute attacks that could result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Remote code execution User Rights Access to system...

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights Remot...

[SECURITY] Fedora 37 Update: rust-below-0.6.3-4.fc37

below is an interactive tool to view and record historical system data. It has support for: - information regarding hardware resource utilization - viewing the cgroup hierarchy - cgroup and process information - pressure stall information PSI - record mode to record system data - replay mode to...

CVE-2023-27919

Authentication bypass vulnerability in NEXT ENGINE Integration Plugin for EC-CUBE 2.0 series all versions allows a remote unauthenticated attacker to alter the information stored in the system...

Vulnerabilities fixed in SAP products

SAP has released updates for several products, including SAP, SAP Gui, CRM, Netweaver and Business Objects. A malicious person could vulnerabilities potentially exploit and cause damage in the categories below: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of...

Fedora: Security Advisory for rust-below (FEDORA-2023-cc21019773)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: rust-below-0.6.3-4.fc38

below is an interactive tool to view and record historical system data. It has support for: - information regarding hardware resource utilization - viewing the cgroup hierarchy - cgroup and process information - pressure stall information PSI - record mode to record system data - replay mode to...

Vulnerabilities fixed in Git for Windows

The Git community has fixed vulnerabilities in Git for Windows. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Manipulation of data Circumvention of security measure Remote code execution Administrator/Root...