A vulnerability was found in the Moby Builder Toolkit, specifically in the Interactive Containers API, where entitlement checks are not adequately validated, caused by a missing privilege check in a G ...
Continue Reading
February 01, 2024
Impact There is a bug in Wasmtime's C API implementation where the definition of the wasmtime_trap_code does not match its declared signature in the wasmtime/trap.h header file. This discrepancy ...
Continue Reading
February 01, 2024
An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. Improper input sanitization of user name allows arbitrary ...
Continue Reading
February 01, 2024
Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groups during post-exploitation activity targeting Ivanti Connec ...
Continue Reading
February 01, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Unau ...
Continue Reading
February 01, 2024
Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 befor ...
Continue Reading
February 01, 2024
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a CHECK-fail in debug builds of TensorFlow using tf.raw_ops.ResourceGath ...
Continue Reading
February 01, 2024
An information disclosure vulnerability in the GitLab CE/EE API since version 8.9.6 allows a user to see basic information on private groups that a public project has been shared...Read More ...
Continue Reading
February 01, 2024
Back to Main
