Lucene search
K

182 matches found

OSV
OSV
added 2022/05/17 12:33 a.m.1 views

GHSA-244G-8368-6WR9 Apache Wicket allows attackers to check for third-party libraries

In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to special urls handled by Wicket, it is possible to check for the existence of particular classes in the classpath and thus check whether a third party library with a known security vulnerability is in use...

5.3CVSS5.9AI score0.03012EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/17 12:33 a.m.9 views

Apache Wicket allows attackers to check for third-party libraries

In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to special urls handled by Wicket, it is possible to check for the existence of particular classes in the classpath and thus check whether a third party library with a known security vulnerability is in use...

5.3CVSS6.8AI score0.03012EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:2 a.m.44 views

Apache Flex BlazeDS unsafe deserialization

Previous versions of Apache Flex BlazeDS 4.7.2 and earlier did not restrict which types were allowed for AMFX object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such...

9.8CVSS7.7AI score0.21274EPSS
Exploits4References12Affected Software2
Imperva Blog
Imperva Blog
added 2021/09/21 4:34 a.m.36 views

How to mitigate security vulnerabilities automatically with RASP

In a world where DevOps is oiling the wheels of accelerated software development, it’s hardly surprising that automation, code re-use and third-party libraries are integral parts of our high-speed app development cycle. But what happens when the pace of development outstrips security? Or when the...

0.3AI score
Exploits0
Drupal
Drupal
added 2021/08/12 12:0 a.m.20 views

Drupal core - Moderately critical - Third-party libraries - SA-CORE-2021-005

The Drupal project uses the CKEditor, library for WYSIWYG editing. CKEditor has released a security update that impacts Drupal. Vulnerabilities are possible if Drupal is configured to allow use of the CKEditor library for WYSIWYG editing. An attacker that can create or edit content even without...

6AI score
Exploits0References13
ThreatPost
ThreatPost
added 2021/07/14 4:33 p.m.39 views

Apps Built Better: DevSecOps, a Security Silver Bullet

Security should never be an afterthought when developing software and applications. However, as technological advances continue to take hold, the security tools many rely on are changing in real-time, and combatting potential breaches or hacks of your wares before they arise now requires new...

7.7AI score
Exploits0References3
Fedora
Fedora
added 2021/04/24 8:21 p.m.66 views

[SECURITY] Fedora 34 Update: python3.9-3.9.4-1.fc34

Python 3.9 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

5.7CVSS2.1AI score0.01863EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/04/03 6:41 a.m.3 views

Google limits which apps can access the list of installed apps on your device

Apps on Android have been able to infer the presence of specific apps, or even collect the full list of installed apps on the device. What's more, an app can also set to be notified when a new app is installed. Apart from all the usual concerns about misuse of such a data grab, the information ca...

5.8AI score
Exploits0
Fedora
Fedora
added 2021/03/01 5:2 p.m.90 views

[SECURITY] Fedora 33 Update: python3.9-3.9.2-1.fc33

Python 3.9 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

5.9CVSS2.1AI score0.35963EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/20 6:44 a.m.97 views

Security Bulletin: Multiple vulnerability issues affect IBM Spectrum Symphony 7.3.1

Summary This interim fix provides instructions on upgrading third parity libraries in IBM Spectrum Symphony 7.3.1 in order to address security vulnerabilities CVE-2015-6420, CVE-2019-1311, CVE-2015-4852, CVE-2017-15708, CVE-2015-7501, CVE-2017-18214, CVE-2016-1000027, CVE-2019-8331, CVE-2016-7103...

10CVSS1.5AI score0.99019EPSS
Exploits59Affected Software1
Fedora
Fedora
added 2021/02/06 1:30 a.m.90 views

[SECURITY] Fedora 32 Update: python3-3.8.7-2.fc32

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

9.8CVSS2.1AI score0.23293EPSS
Exploits1
Drupal
Drupal
added 2021/01/20 12:0 a.m.50 views

Drupal core - Critical - Third-party libraries - SA-CORE-2021-001

The Drupal project uses the pear ArchiveTar library, which has released a security update that impacts Drupal. For more information please see: CVE-2020-36193 Exploits may be possible if Drupal is configured to allow .tar, .tar.gz, .bz2, or .tlz file uploads and processes them...

7.5CVSS1.7AI score0.70595EPSS
Exploits0References16
The Hacker News
The Hacker News
added 2020/10/01 8:27 a.m.50 views

Critical Flaws Discovered in Popular Industrial Remote Access Systems

Cybersecurity researchers have found critical security flaws in two popular industrial remote access systems that can be exploited to ban access to industrial production floors, hack into company networks, tamper with data, and even steal sensitive business secrets. The flaws, discovered by Tel...

7.7CVSS2.5AI score0.01213EPSS
Exploits0
Fedora
Fedora
added 2020/05/26 3:14 a.m.50 views

[SECURITY] Fedora 32 Update: python3-3.8.3-1.fc32

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

7.1CVSS2.1AI score0.06617EPSS
Exploits1
ThreatPost
ThreatPost
added 2020/04/01 4:0 p.m.128 views

Two Zoom Zero-Day Flaws Uncovered

UPDATE Two zero-day flaws have been uncovered in Zoom’s macOS client version, according to researchers. The web conferencing platform vulnerabilities could give local, unprivileged attackers root privileges, and allow them to access victims’ microphone and camera. As of Thursday, the two...

8.1AI score
Exploits0References24
Fedora
Fedora
added 2020/01/20 3:19 a.m.16 views

[SECURITY] Fedora 30 Update: python3-3.7.6-1.fc30

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

2.1AI score
Exploits0
Fedora
Fedora
added 2020/01/13 2:20 a.m.9 views

[SECURITY] Fedora 31 Update: python3-3.7.6-1.fc31

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

2.1AI score
Exploits0
OpenVAS
OpenVAS
added 2019/11/04 12:0 a.m.39 views

Fedora Update for python3 FEDORA-2019-aba3cca74a

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.5AI score0.05366EPSS
Exploits0References2
Fedora
Fedora
added 2019/11/02 2:28 a.m.54 views

[SECURITY] Fedora 31 Update: python3-3.7.5-1.fc31

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

7.5CVSS2.1AI score0.05366EPSS
Exploits0
Kitploit
Kitploit
added 2019/08/19 9:30 p.m.127 views

Truegaze - Static Analysis Tool For Android/iOS Apps Focusing On Security Issues Outside The Source Code

A static analysis tool for Android and iOS applications focusing on security issues outside the source code such as resource strings, third party libraries and configuration files. Requirements Python 3 is required and you can find all required modules in the requirements.txt file. Only tested on...

7.4AI score
Exploits0References1
Rows per page
Query Builder