Akamai spots new digital skimming campaign
Monthly Archives: October 2023
USN-6424-1: kramdown vulnerability
It was discovered that kramdown did not restrict Rouge formatters to the
correct namespace. An attacker could use this issue to cause kramdown to
execute arbitrary code.
CVE-2020-18336
A cross-site scripting (XSS) vulnerability in Typora v.0.9.65 allows a remote attacker to obtain sensitive information via the PDF file exporting function.
DSA-5521 tomcat10 – security update
Several security vulnerabilities have been discovered in the Tomcat
servlet and JSP engine.
DSA-5522 tomcat9 – security update
Several security vulnerabilities have been discovered in the Tomcat
servlet and JSP engine.
DSA-5520 mediawiki – security update
Multiple security issues were discovered in MediaWiki, a website engine
for collaborative work, which could result in cross-site scripting,
denial of service or information disclosure.
GLSA 202310-10: libcue: Arbitrary Code Execution
GLSA 202310-11: less: Denial of service
CVE-2022-3728
A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen 3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances, which could allow unauthorized access.
CVE-2022-36228
Nokelock Smart padlock O1 Version 5.3.0 is vulnerable to Insecure Permissions. By sending a request, you can add any device and set the device password in the Nokelock app.