Security
Headlines
HeadlinesLatestCVEs

Tag

#alibaba

RHSA-2022:7399: Red Hat Security Advisory: OpenShift Container Platform 4.12.0 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-2879: golang: arc...

Red Hat Security Data
Open in Source
#vulnerability#web#ios#mac#windows#linux#red_hat#dos#nodejs#js#git#java#kubernetes#perl#ldap#vmware#aws#lenovo#amd#bios#alibaba#oauth#auth#ssh#ibm#rpm#docker#jira#firefox#sap#ssl
Intel's New Xeon Chip Pushes Confidential Computing to the Cloud

After a delay of more than a year, Intel's on-chip confidential computing feature is coming to all the major cloud providers, starting with Microsoft's Azure.

CVE-2020-36566: Snyk Vulnerability Database | Snyk

Due to improper path santization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.

Indiana sues TikTok, describes it as "Chinese Trojan Horse"

Categories: News Tags: TikTok Tags: ban TikTok Tags: states that banned TikTok Tags: Indiana bans TikTok Tags: Maryland bans TikTok Tags: Shou Zi Chew Tags: Brendan Carr Tags: ByteDance Tags: Brooke Oberwetter The State of Indiana has filed two lawsuits against TikTok, Inc, the company behind the same name app, and its parent company, ByteDance. (Read more...) The post Indiana sues TikTok, describes it as "Chinese Trojan Horse" appeared first on Malwarebytes Labs.

TikTok Banned on Govt. Devices; Will Private Sector Follow Suit?

Texas and Maryland this week joined three other states in prohibiting accessing the popular social media app from state-owned devices.

Zhuhai Suny Technology ESL Tag Forgery / Replay Attacks

Zhuhai Suny Technology ESL Tag suffers from replay attacks and a forgery attack allowing for the displaying of arbitrary contents.

CVE-2022-4127: [PATCH] io_uring: check that we have a file table when allocating update slots

A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc. A local user could use this flaw to potentially crash the system causing a denial of service.

CVE-2022-39397: fix(auth): Prevent secret exposure · tu6ge/oss-rs@e4553f7

aliyun-oss-client is a rust client for Alibaba Cloud OSS. Users of this library will be affected, the incoming secret will be disclosed unintentionally. This issue has been patched in version 0.8.1.

CVE-2022-42060: Vulnerabilities in Tenda's W15Ev2 AC1200 Router

Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setWanPpoe function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.

CVE-2022-40847: Vulnerabilities in Tenda's W15Ev2 AC1200 Router

In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), there exists a command injection vulnerability in the function formSetFixTools. This vulnerability allows attackers to run arbitrary commands on the server via the hostname parameter.