Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
1509 Results
Vulnerability in Splunk Enterprise 9.0.0
Splunk released a security advisory to address a vulnerability in Splunk Enterprise 9.0.0. For a complete description of the vulnerabilities and affected systems go to Ingest Actions UI in Splunk Enterprise 9.0.0 disabled TLS certificate validation. IT Security
Important Vulnerability in Apache Flume
The Apache Software Foundation has released a security update to address a vulnerability in Apache Flume. An attacker could exploit this vulnerability to perform arbitrary remote code execution.
Severe Vulnerabilities in IBM MQ Messaging Middleware
IBM has released security updates to address Severe vulnerabilities in IBM MQ Messaging Middleware. Multiple issues were identified within the libcurl library that affect IBM MQ. IBM MQ server and non-Java client installations use libcurl to provide HTTPURL functionality which is used to download remote CCDT files.
High Vulnerabilities in Multiple Mozilla Products
Mozilla has released security updates to address High vulnerabilities in multiple Mozilla products. An attacker could exploit these vulnerabilities to take control of an affected system.
Critical Vulnerability in Gitlab Community and Enterprise Software
Gitlab released security updates to address Critical vulnerabilities in Gitlab Community Edition (CE) and Enterprise Edition (EE) versions. The vulnerabilities could allow an attacker to perform arbitrary remote code execution.
Important Vulnerability in VMware Tools
VMware has released security updates to address Important vulnerabilities in VMware Tools. A remote attacker could likely exploit the vulnerability to take control of an affected system. For a complete description of the vulnerabilities and affected systems go to VMSA-2022-0024. IT Security
Vulnerability in Linux Kernel
Researchers have disclosed an eight-year-old Linux Kernel vulnerability that could be as impactful as the "Dirty Pipe" vulnerability. Dubbed DirtyCred, an attacker could exploit this vulnerability to escalate privileges to the maximum level.
Vulnerability in OmniAuth 1.9.0
Mandiant released a vulnerability report about a vulnerability in OmniAuth 1.9.0. An improper encoding or escaping of output vulnerability exists within OmniAuth 1.9.0. For a complete description of the vulnerabilities and affected systems go to CVE-2020-36599 Detail. IT Security
Vulnerabilities Impacting Ultra-Wideband (UWB) Real-Time Locating Systems (RTLS)
Researchers have disclosed vulnerabilities impacting Ultra-wideband (UWB) Real-time Locating Systems (RTLS). A threat actor could exploit these vulnerabilities to tamper with safety zones designated by RTLS to protect workers in hazardous areas.
High Zero-Day Vulnerability in Zoom
Zoom released a security update to address a High actively exploited vulnerability in Zoom. Local low-privileged users could exploit this vulnerability to escalate their privileges to root.