Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-2…
NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available.
References
https://github.com/NVIDIA/NeMo/security/advisories/GHSA-rpx7-33j2-xx9x
h…
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.
References
https://nvd.nist.gov/vuln/detail…
通常、ディスプレイというと、より大きくなるほど高価になります。これは、モニターやテレビ、勿論ラップト…
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to an attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JD…
もはや光らないものはないレベルで様々なアイテムを光らせているゲーミングデバイス界隈。全てのものを光ら…
顔認証が今、静かに広がっている。行政と民間企業が連携した実証実験も日本各地で行われている。新型コロナ…
admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstrated by the MAIN_MAX_DECIMALS_TOT parameter.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-22293
https://github.com/mustgundogdu/Research/blob/main/Dolibar_7.0.2-StoredXSS/REA…
