Tag
#sap
SAP Enable Now Manager version 10.6.5 Build 2804 Cloud Edition suffers from cross site request forgery, cross site scripting, and open redirection vulnerabilities.
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.
Missing Authorization in GitHub repository hamza417/inure prior to build94.
Plus: Mozilla patches 10 Firefox bugs, Cisco fixes a vulnerability with a rare maximum severity score, and SAP releases updates to stamp out three highly critical flaws.
Two notable vulnerabilities in Google Chrome should be patched asap, and an allegedly new ransomware-as-a-service group.
An attacker with standard privileges on macOS when requesting administrator privileges from the application can submit input which causes a buffer overflow resulting in a crash of the application. This could make the application unavailable and allow reading or modification of data.
By Owais Sultan Snapchat is a platform that may not be suitable for everyone, especially if the user is an underage child. So, what can you do? This is a post from HackRead.com Read the original post: Snapchat Safety for Parents: How to Safeguard Your Child
By Deeba Ahmed If you’ve installed Bitwarden Password Manager recently, ensure that you downloaded it from its official website and not… This is a post from HackRead.com Read the original post: Fake Bitwarden Password Manager Website Drops Windows ZenRAT
By Deeba Ahmed JetBrains has fixed this flaw in version 2023.05.4 of the product released on September 18. It also released a security advisory but didn't disclose technical details of the vulnerability for now. This is a post from HackRead.com Read the original post: JetBrains Patches Severe TeamCity Flaw Allowing RCE and Server Hijacking
An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25883: A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service. * ...