CVE-2022-39862

Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of JavaScript interface API.

Cloudfox – Automating Situational Awareness For Cloud Penetration Tests

CVE-2022-41672

In Apache Airflow, prior to version 2.4.1, deactivating a user wouldn't prevent an already authenticated user from being able to continue using the UI or API.

Tendermint Core vulnerable to Uncontrolled Resource Consumption

### Description Tendermint Core v0.34.0 introduced a new way of handling evidence of misbehavior. As part of this, [we added a new `Timestamp` field to `Evidence` structs](https://github.com/tendermi ...

CVSS3 - MEDIUM

CVSS2 - MEDIUM

etcd has no minimum password length

### Vulnerability type Access Control ### Workarounds The etcdctl and etcd API do not enforce a specific password length during user creation or user password update operations. [It is the responsibil ...

CVSS3 - HIGH

CVSS2 - MEDIUM

Hundreds of Microsoft SQL servers found to be backdoored

Researchers at DCSO CyTec recently found a backdoor that specifically targets Microsoft SQL servers. The malware acts as an Extended Stored Procedure, which is a special type of extension used by ...
