All versions of package @pendo324/get-process-by-name are vulnerable to Arbitrary Code Execution due to improper sanitization of getProcessByName function.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-25644
https://github.com/pendo324/get-proc…
A cross-site scripting (XSS) vulnerability in Pagekit CMS v1.0.18 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Markdown text box under /blog/post/edit.
References
https://nvd.nist.gov/vuln/detail/CV…
Cross Site Scripting (XSS) in the Admin Panel of Subrion CMS 4.2.1 allows attacker to inject arbitrary code via the Login Field.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-37059
https://drive.google.com/file/d/1lmU8zuyzyC9LHFXuXzamnkcLcjcfs0…
A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( ” ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext.
References
https://nvd.nist.gov…
Quick summary Building upon the recently announced emoji reaction feature, you can now express yourself in a new way by searching for and inserting emojis directly inline with your text in Google Docs. Getting started Admins: There is no…
What’s changing In December 2021, we announced the ability for admins to use their displays as digital signage when their Meet hardware devices are not in use. Today, we’re giving admins more options for customization by using their Appspace digit…
OpenStreet株式会社(以下、OpenStreet)ら4者は、さいたま市内のJR埼京線沿線に、…
What’s changing We’re adding support for a dark home page theme for Google Meet hardware devices. When using Dark Canvas, devices will now feature dark user interface elements on the home screen when not in an active call. Dark Canvas mode can be …
scheme verge株式会社(以下、scheme verge)は、愛知県のスタートアップ支援事業…
株式会社DeNA SOMPO Mobility(以下、DeNA SOMPO Mobility)とTe…
