Security
Headlines
HeadlinesLatestCVEs

Tag

#alibaba

Intel's New Xeon Chip Pushes Confidential Computing to the Cloud

After a delay of more than a year, Intel's on-chip confidential computing feature is coming to all the major cloud providers, starting with Microsoft's Azure.

DARKReading
Open in Source
#mac#google#microsoft#intel#amd#alibaba#auth#ibm#sap#ssl
CVE-2020-36566: Snyk Vulnerability Database | Snyk

Due to improper path santization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.

Indiana sues TikTok, describes it as "Chinese Trojan Horse"

Categories: News Tags: TikTok Tags: ban TikTok Tags: states that banned TikTok Tags: Indiana bans TikTok Tags: Maryland bans TikTok Tags: Shou Zi Chew Tags: Brendan Carr Tags: ByteDance Tags: Brooke Oberwetter The State of Indiana has filed two lawsuits against TikTok, Inc, the company behind the same name app, and its parent company, ByteDance. (Read more...) The post Indiana sues TikTok, describes it as "Chinese Trojan Horse" appeared first on Malwarebytes Labs.

TikTok Banned on Govt. Devices; Will Private Sector Follow Suit?

Texas and Maryland this week joined three other states in prohibiting accessing the popular social media app from state-owned devices.

Zhuhai Suny Technology ESL Tag Forgery / Replay Attacks

Zhuhai Suny Technology ESL Tag suffers from replay attacks and a forgery attack allowing for the displaying of arbitrary contents.

CVE-2022-4127: [PATCH] io_uring: check that we have a file table when allocating update slots

A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc. A local user could use this flaw to potentially crash the system causing a denial of service.

CVE-2022-39397: fix(auth): Prevent secret exposure · tu6ge/oss-rs@e4553f7

aliyun-oss-client is a rust client for Alibaba Cloud OSS. Users of this library will be affected, the incoming secret will be disclosed unintentionally. This issue has been patched in version 0.8.1.

CVE-2022-42060: Vulnerabilities in Tenda's W15Ev2 AC1200 Router

Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setWanPpoe function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.

CVE-2022-40847: Vulnerabilities in Tenda's W15Ev2 AC1200 Router

In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), there exists a command injection vulnerability in the function formSetFixTools. This vulnerability allows attackers to run arbitrary commands on the server via the hostname parameter.

CVE-2022-27949: Fix secrets rendered in UI when task is not executed. by tirkarthi · Pull Request #22754 · apache/airflow

A vulnerability in UI of Apache Airflow allows an attacker to view unmasked secrets in rendered template values for tasks which were not executed (for example when they were depending on past and previous instances of the task failed). This issue affects Apache Airflow prior to 2.3.1.