ジャパン・トゥエンティワン株式会社(本社:愛知県豊橋市、以下:J21)は、VESA規格のフロアスタン…
ギグス、元彼女に「ノートパソコンが入った鞄を投げつける」行為か…裁判で証言
現在、元彼女であるケイト・グレヴィルに対する暴行の容疑で裁判に臨んでいるライアン・ギグス氏。 『Th…
[update_by_case] update_by_case before 0.1.3 can be vulnerable to sql injection
Before version 0.1.3 update_by_case gem used custom sql strings, and it was not sanitized, making it vulnerable to sql injection. Upgrade to version >= 0.1.3 that uses Arel instead to construct the resulting sql statement, with sanitized sql.
Refere…
[temporary] `temporary` makes use of uninitialized memory
Uninit memory is used as a RNG seed in temporary. This has been resolved in the 0.6.4 release. The crate is not intended to be used outside of a testing environment. For a general purpose crate to create temporary directories, tempfile is an alternativ…
[tower-http] tower-http’s improper validation of Windows paths could lead to directory traversal attack
tower_http::services::fs::ServeDir didn’t correctly validate Windows paths, meaning paths like /foo/bar/c:/windows/web/screen/img101.png would be allowed and respond with the contents of c:/windows/web/screen/img101.png. Thus users could potentially re…
Survey shows how people decide what to trust online
Alex Mahadevan is director of MediaWiseat the Poynter Institute. He has taught digital media literacy to thousands of middle and high schoolers, and has trained hundreds of journalists from around the world in verification and digital investigative too…
New ways we’re helping you find high-quality information
People turn to Google every day for information in the moments that matter most. Sometimes that’s to look for the best recipe for dinner, other times it’s to check the facts about a claim they heard about from a friend.No matter what you’re searching f…
[nbconvert] nbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths
Cross-linking to https://github.com/jupyter/nbviewer/security/advisories/GHSA-h274-fcvj-h2wm
Most of the fixes will be in this repo, though, so having it here gives us the private fork to work on patches
Below is currently a duplicate of the original r…
[owning_ref] owning_ref vulnerable to multiple soundness issues
OwningRef::map_with_owner is unsound and may result in a use-after-free.
OwningRef::map is unsound and may result in a use-after-free.
OwningRefMut::as_owner and OwningRefMut::as_owner_mut are unsound and may result in a use-after-free.
The crate viol…
かざして開く、コンパクトな自動開閉式ゴミ箱「Dust Capsule」
今回紹介する「Dust Capsule」は、手をかざすだけで自動開閉するスマートなゴミ箱。スタイリッ…