CVE-2023-32310
DataEase is an open source data visualization and analysis tool. The API interface for DataEase delete dashboard and delete system messages is vulnerable to insecure direct object references (IDOR). This…
CVE-2023-32582
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kyle Maurer Don8 plugin <=Â 0.4 versions.
In ‘Tears of the Kingdom,’ the Depths Are Where the Action Is
The latest entry in the Zelda series turns its prequel’s sandbox into more of a toybox, encouraging you to build, play, and discover.
Mathematicians Find Hidden Structure in a Common Type of Space
In 50 years of searching, mathematicians found only one example of a “subspace design” that fit their criteria. A new proof reveals that there are infinitely more.
CVE-2023-32324
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS)…
CVE-2023-32690
libspdm is a sample implementation that follows the DMTF SPDM specifications. Prior to versions 2.3.3 and 3.0, following a successful CAPABILITIES response, a libspdm Requester stores the Responder’s CTExponent into…
In ‘Tears of the Kingdom,’ the Depths Are Where the Action Is
The latest entry in the Zelda series turns its prequel’s sandbox into more of a toybox, encouraging you to build, play, and discover.
CVE-2023-32582
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kyle Maurer Don8 plugin <=Â 0.4 versions.
Apple WWDC 2023: What to Expect for Software and Hardware
The Worldwide Developers Conference kicks off tomorrow. We break down the potential announcements ahead of the keynote.
CVE-2023-32706
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can send specially-crafted messages to the XML parser within SAML authentication to cause a denial of service in…