### Impact

A [vulnerability](https://www.cve.org/CVERecord?id=CVE-2022-24785) in an upstream library means an authenticated attacker can abuse locale input to execute arbitrary commands from a file th ...

June 16, 2022
### Impact

The `/api/v2/config` endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, message bus credentials are supposed to be kept in the EdgeX secret st ...

June 16, 2022
### Impact

A path traversal issue was found in the `(g *GitArtifactReader).Read()` API. `Read()` calls into `(g *GitArtifactReader).readFromRepository()` that opens and reads the file that contains the trig ...

June 16, 2022
### Impact

Several `HandleRoute` endpoints make use of the deprecated `ioutil.ReadAll()`. `ioutil.ReadAll()` reads all the data into memory. As such, an attacker who sends a large request to the Argo ...

June 16, 2022
`rdiff` performs a diff of two provided strings or files. As part of its reading code it uses the return value of a `Read` instance to set the length of its internal character vector. If the `Read` im ...
June 16, 2022
In the affected versions of the crate, `AtomicBucket` unconditionally implements `Send`/`Sync` traits. Therefore, users can create a data race to the inner `T: !Sync` by using the `AtomicBucket::data_ ...
June 16, 2022
# Cve-2022-30136-RCE

CVE-2022-30136 Unauthenticated RCE in Micro...

June 16, 2022
The Microsoft Office Products are missing security updates. It is, therefore, affected by a remote code execution vulnerability. An authenticated attacker can exploit this to execute arbitrary code on ...
June 16, 2022