➠ CVE-2023-26486
Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. The Vega `scale` expression function has the ability to call arbitrary functions with a single controlled argument. The scale expression function passes a user supplied argument group to getScale, which is then used as if it were an internal context. The context.scales[name].value is accessed from group and called as a function back in scale. This can be exploited to escape the Vega expression sandbox in order to execute arbitrary JavaScript. This issue has been fixed in version 5.13.1....
Zur Startseite
➤ Ähnliche Beiträge für 'CVE-2023-26486'
The July 2023 Security Update Review
vom 930.94 Punkte
It’s the second Tuesday of the month, which means Adobe and Microsoft have released their latest security patches. Take a break from your regularly scheduled activities and join us as we review the details of their latest advisories. If you’d rat
The June 2023 Security Update Review
vom 762.57 Punkte
It’s the second Tuesday of the month, which means Adobe and Microsoft have released their latest security patches. Take a break from your regularly scheduled activities and join us as we review the details of their latest advisories. If you’d rat
The October 2023 Security Update Review
vom 758.16 Punkte
Twenty years ago this month, Microsoft introduced the concept of “Patch Tuesday” – although the marketing folks wanted it called “Update Tuesday” (they didn’t like the word “patch”). Over the years, more companies joined the Patch Tuesd
The April 2023 Security Update Review
vom 716.85 Punkte
It’s the second Tuesday of the month, which means Adobe and Microsoft (and others) have released their latest security patches. Take a break from your regularly scheduled activities and join us as we review the details of the latest offerings from Micros
The January 2023 Security Update Review
vom 699.06 Punkte
Welcome to the first patch Tuesday of the new year. As expected, Adobe and Microsoft have released their latest fixes and updates. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings.A
The August 2023 Security Update Review
vom 655.58 Punkte
Greetings from hacker summer camp! Black Hat and DEFCON start this week, but let’s kick everything off with Patch Tuesday and the latest security offerings from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as
The November 2023 Security Update Review
vom 622.13 Punkte
It’s the penultimate second Tuesday of 2023, and Microsoft and Adobe have released their latest security patches into the crisp, fall air. Take a break from your scheduled activities and join us as we review the details of their latest advisories. If you’d
USN-3415-1: tcpdump vulnerabilities
vom 595.48 Punkte
Ubuntu Security Notice USN-3415-1
13th September, 2017
tcpdump vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
Ubuntu 17.04
Ubuntu 16.04 LTS
Ubuntu 14.04 LTS
Summary
Several security issues were fixe
USN-3415-2: tcpdump vulnerabilities
vom 595.48 Punkte
Ubuntu Security Notice USN-3415-2
13th September, 2017
tcpdump vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
Ubuntu 12.04 LTS
Summary
Several security issues were fixed in tcpdump
Software description
tcpdump
The March 2023 Security Update Review
vom 588.69 Punkte
Happy Pi Day, and welcome to the third patch Tuesday of 2023 and the final patch Tuesday before Pwn2Own Vancouver. Take a break from your regularly scheduled activities and join us as we review the details of the latest security offerings from Microso
The February 2023 Security Update Overview
vom 549.66 Punkte
Welcome to the second patch Tuesday of 2023. On this romantic holiday, Microsoft and Adobe have released their latest security patches as Valentine’s gifts for us all. Take a break from your regularly scheduled activities (or Pwn2Own Miami) and join us as we review the details of their latest security offerings.Adobe Patches for February
Build your own CMS using low-code
vom 533.56 Punkte
In this tutorial, We will build CMS(Content Management System) using the ToolJet which is a lowcode application development platform. The CMS can be used to perform CRUD operations to the MongoDB which is used as the database for the NextJS application.