GitLab 代码注入漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab that stems from the fact that file...

MZ Automation GmbH libiec61850 parseNormalModeParameters denial of service vulnerability

Summary A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ Automation GmbH libiec61850 1.5.0. A specially-crafted series of network requests can lead to denial of service. An attacker can send a sequence of malformed iec61850 messages to trigger this...

SUSE-SU-2021:0186-1 Security update for wavpack

This update for wavpack fixes the following issues: - Update to version 5.4.0 CVE-2020-35738: Fixed an out-of-bounds write in WavpackPackSamples bsc1180414 fixed: disable A32 asm code when building for Apple silicon fixed: issues with Adobe-style floating-point WAV files added: --normalize-floats...

Tag Miner <= 1.1.2 - Cross-Site Request Forgery (CSRF) & XSS

The Tag Miner Automatic Tag Extraction WordPress plugin was affected by a Cross-Site Request Forgery CSRF & XSS security vulnerability...