Security
Headlines
HeadlinesLatestCVEs

Tag

#java

RHSA-2022:5597: Red Hat Security Advisory: pandoc security update

An update for pandoc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24724: cmark-gfm: possible RCE due to integer overflow

Red Hat Security Data
Open in Source
#vulnerability#web#linux#red_hat#nodejs#js#git#java#kubernetes#rce#aws#ibm
‘Endemic’ Log4j bug set to persist in the wild for at least a decade, US government warns

Inaugural report from cyber safety panel outlines strengths and weaknesses exposed by momentous security flaw

Mitigation for Azure Storage SDK Client-Side Encryption Padding Oracle Vulnerability

Summary: Google informed Microsoft under Coordinated Vulnerability Disclosure (CVD) of a padding oracle vulnerability that may affect customers using Azure Storage SDK (for Python, .NET, Java) client-side encryption (CVE-2022-30187). To mitigate this vulnerability, we released a new General Availability (GA) version of the Azure Storage SDK client-side encryption feature (v2) on July 12, 2022. Microsoft … Mitigation for Azure Storage SDK Client-Side Encryption Padding Oracle Vulnerability Read More »

Google Boots Multiple Malware-laced Android Apps from Marketplace

Google removed eight Android apps, with 3M cumulative downloads, from its marketplace for being infected with a Joker spyware variant.

Mitigation for Azure Storage SDK Client-Side Encryption Padding Oracle Vulnerability

Summary Summary Google informed Microsoft under Coordinated Vulnerability Disclosure (CVD) of a padding oracle vulnerability that may affect customers using Azure Storage SDK (for Python, .NET, Java) client-side encryption (CVE-2022-30187). To mitigate this vulnerability, we released a new General Availability (GA) version of the Azure Storage SDK client-side encryption feature (v2) on July 12, 2022.

CVE-2021-41419: nuclei-templates/qvisdvr-deserialization-rce.yaml at master · projectdiscovery/nuclei-templates

QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization.

Mitigation for Azure Storage SDK Client-Side Encryption Padding Oracle Vulnerability

Summary Summary Google informed Microsoft under Coordinated Vulnerability Disclosure (CVD) of a padding oracle vulnerability that may affect customers using Azure Storage SDK (for Python, .NET, Java) client-side encryption (CVE-2022-30187). To mitigate this vulnerability, we released a new General Availability (GA) version of the Azure Storage SDK client-side encryption feature (v2) on July 12, 2022.

CVE-2022-31202: Multiple vulnerabilities in SoftGuard SNMP Network Management Extension

The export function in SoftGuard Web (SGW) before 5.1.5 allows directory traversal to read an arbitrary local file via export or man.tcl.

CVE-2022-30982: Multiple vulnerabilies in Gentics CMS

An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username.