CCnews CampusCoin Student Feed Aggregator: Packet Storm Security

Packet Storm Security

+ Cacti 1.2.26 Remote Code Execution—Cacti versions 1.2.26 and below suffer from a remote code execution execution vulnerability in import.php.
+ SAP Cloud Connector 2.16.1 Missing Validation—SAP Cloud Connector versions 2.15.0 through 2.16.1 were found to happily accept self-signed TLS certificates between SCC and SAP BTP.
+ Zope 5.9 Command Injection—Zope version 5.9 suffers from a command injection vulnerability in /utilities/mkwsgiinstance.py.
+ Apple Security Advisory 05-13-2024-8—Apple Security Advisory 05-13-2024-8 - tvOS 17.5 addresses bypass and code execution vulnerabilities.
+ Apple Security Advisory 05-13-2024-7—Apple Security Advisory 05-13-2024-7 - watchOS 10.5 addresses bypass and code execution vulnerabilities.
+ Apple Security Advisory 05-13-2024-6—Apple Security Advisory 05-13-2024-6 - macOS Monterey 12.7.5 addresses an issue where a malicious application may be able to access Find My data.
+ Apple Security Advisory 05-13-2024-5—Apple Security Advisory 05-13-2024-5 - macOS Ventura 13.6.7 addresses bypass vulnerabilities.
+ Apple Security Advisory 05-08-2024-1—Apple Security Advisory 05-08-2024-1 - iTunes 12.13.2 for Windows addresses a code execution vulnerability.
+ Apple Security Advisory 05-13-2024-4—Apple Security Advisory 05-13-2024-4 - macOS Sonoma 14.5 addresses bypass and code execution vulnerabilities.
+ Apple Security Advisory 05-13-2024-3—Apple Security Advisory 05-13-2024-3 - iOS 16.7.8 and iPadOS 16.7.8 addresses bypass vulnerabilities.
+ Apple Security Advisory 05-13-2024-2—Apple Security Advisory 05-13-2024-2 - iOS 17.5 and iPadOS 17.5 addresses bypass and code execution vulnerabilities.
+ Apple Security Advisory 05-13-2024-1—Apple Security Advisory 05-13-2024-1 - Safari 17.5 addresses a bypass vulnerability.
+ Red Hat Security Advisory 2024-2846-03—Red Hat Security Advisory 2024-2846-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
+ Red Hat Security Advisory 2024-2845-03—Red Hat Security Advisory 2024-2845-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
+ Red Hat Security Advisory 2024-2843-03—Red Hat Security Advisory 2024-2843-03 - An update for.NET 7.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of s...
+ Red Hat Security Advisory 2024-2842-03—Red Hat Security Advisory 2024-2842-03 - An update for.NET 8.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of s...
+ Red Hat Security Advisory 2024-2839-03—Red Hat Security Advisory 2024-2839-03 - An update for expat is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues address...
+ Slovakia's Prime Minister Fico Shot After Government Meeting— [Category: headline,government,terror]
+ Cerebral Valley Hackers Build $20 Open Source Smart Glasses— [Category: headline,hacker]
+ Santander Data Breach Impacts Customers, Employees— [Category: headline,hacker,privacy,bank,data loss]
+ Microsoft Warns Of Active Zero Day Exploitation, Patches 60 Windows Vulns— [Category: headline,microsoft,flaw,patch,zero day]
+ LockBit Ransomware Spread In Millions Of Emails Via Phorpiex Botnet— [Category: headline,malware,email,botnet]
+ FCC Names And Shames Royal Tiger AI Robocall Crew— [Category: headline,government,usa,cybercrime,fraud]
+ 400,000 Linux Servers Hit By Ebury Botnet— [Category: headline,hacker,malware,linux,password,backdoor]
+ Ubuntu Security Notice USN-6767-2—Ubuntu Security Notice 6767-2 - Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vuln...
+ Ubuntu Security Notice USN-6772-1—Ubuntu Security Notice 6772-1 - Jan Schermer discovered that strongSwan incorrectly validated client certificates in certain configurations. A remote ...
+ CrushFTP Directory Traversal—CrushFTP versions prior to 11.1.0 suffers from a directory traversal vulnerability.
+ TrojanSpy.Win64.EMOTET.A MVID-2024-0684 Code Execution—TrojanSpy.Win64.EMOTET.A malware suffers from a code execution vulnerability.
+ Plantronics Hub 3.25.1 Arbitrary File Read—Plantronics Hub version 3.25.1 suffers from an arbitrary file read vulnerability.
+ Backdoor.Win32.AsyncRat MVID-2024-0683 Code Execution—Backdoor.Win32.AsyncRat malware suffers from a code execution vulnerability.
+ Apache mod_proxy_cluster Cross Site Scripting—Apache mod_proxy_cluster suffers from a cross site scripting vulnerability.
+ Red Hat Security Advisory 2024-2833-03—Red Hat Security Advisory 2024-2833-03 - An update to the images for Red Hat Integration - Service Registry is now available from the Red Hat Containe...
+ Chyrp 2.5.2 Cross Site Scripting—Chryp version 2.5.2 suffers from a persistent cross site scripting vulnerability.
+ Leafpub 1.1.9 Cross Site Scripting—Leafpub version 1.1.9 suffers from a persistent cross site scripting vulnerability.
+ Prison Management System Using PHP SQL Injection—Prison Management System Using PHP suffers from a remote SQL injection vulnerability that allows for authentication bypass.
+ Malicious PyPi Requests Fork Hides Backdoor In PNG File— [Category: headline,malware,backdoor]
+ Christie's Art Auctions Hit By A Cyber Attack— [Category: headline,hacker,britain]
+ Black Basta Ransomware Group Is Imperiling Critical Infrastructure— [Category: headline,hacker,malware,data loss,scada,cryptography]
+ NHS Digital Hints At Exploit Sightings Of Arcserve UDP Vulnerabilities— [Category: headline,hacker,britain,flaw]
+ Google, Apple Gear To Raise Tracking Tag Stalker Alarm— [Category: headline,privacy,phone,google,spyware,apple]
+ VMware Patches Vulnerabilities Exploited At Pwn2Own 2024— [Category: headline,flaw,patch,conference]
+ $2.5 Million Offered Up At Matrix Cup Chinese Hacking Contest— [Category: headline,hacker,china]
+ Zscaler Confirms Only Isolated Test Server Was Hacked— [Category: headline,hacker]
+ SAP Patches Critical Vulnerabilities In CX Commerce, NetWeaver— [Category: headline,flaw,patch]
+ Telegram CEO Calls Out Rival Signal, Claims It Has Ties With US Government— [Category: headline,government,privacy,phone,spyware,cryptography]
+ Debian Security Advisory 5688-1—Debian Linux Security Advisory 5688-1 - It was discovered that missing input sanitising in the Atril document viewer could result in writing arbitrary...
+ Debian Security Advisory 5687-1—Debian Linux Security Advisory 5687-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of ...
+ Kemp LoadMaster Local sudo Privilege Escalation—This Metasploit module abuses a feature of the sudo command on Progress Kemp LoadMaster. Certain binary files are allowed to automatically elevate wit...
+ Gentoo Linux Security Advisory 202405-33—Gentoo Linux Security Advisory 202405-33 - Multiple vulnerabilities have been discovered in PoDoFo, the worst of which could lead to code execution. V...
+ Gentoo Linux Security Advisory 202405-32—Gentoo Linux Security Advisory 202405-32 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remo...
+ Gentoo Linux Security Advisory 202405-31—Gentoo Linux Security Advisory 202405-31 - A vulnerability has been discovered in Kubelet, which can lead to privilege escalation. Versions greater th...
+ Ubuntu Security Notice USN-6771-1—Ubuntu Security Notice 6771-1 - It was discovered that SQL parse incorrectly handled certain nested lists. An attacker could possibly use this issue t...
+ Panel.SmokeLoader MVID-2024-0682 Cross Site Request Forgery / Cross Site Scripting—Panel.SmokeLoader malware suffers from cross site request forgery, and cross site scripting vulnerabilities.
+ Panel.SmokeLoader MVID-2024-0681 Cross Site Scripting—Panel.SmokeLoader malware suffers from a cross site scripting vulnerability.
+ Esteghlal F.C. Cross Site Scripting—Esteghlal F.C.'s site suffers from a cross site scripting vulnerability.
+ Red Hat Security Advisory 2024-2822-03—Red Hat Security Advisory 2024-2822-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. I...
+ Red Hat Security Advisory 2024-2821-03—Red Hat Security Advisory 2024-2821-03 - An update for bind and dhcp is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Updat...
+ Red Hat Security Advisory 2024-2820-03—Red Hat Security Advisory 2024-2820-03 - An update for varnish is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addre...
+ Red Hat Security Advisory 2024-2817-03—Red Hat Security Advisory 2024-2817-03 - An update is now available for Red Hat OpenShift GitOps v1.10.5 for Argo CD UI and Console Plugin. Red Hat Pr...
+ Red Hat Security Advisory 2024-2816-03—Red Hat Security Advisory 2024-2816-03 - An update is now available for Red Hat OpenShift GitOps v1.12.2 for Argo CD UI and Console Plugin. Red Hat Pr...
+ Red Hat Security Advisory 2024-2815-03—Red Hat Security Advisory 2024-2815-03 - An update is now available for Red Hat OpenShift GitOps v1.11.4 for Argo CD UI and Console Plugin. Red Hat Pr...
+ Arm Mali 5th Gen Dangling ATE—In mmu_insert_pages_no_flush(), when a HUGE_HEAD page is mapped to a 2M aligned GPU address, this is done by creating an Address Translation Entry (AT...
+ NATO Draws A Cyber Red Line In Tensions With Russia— [Category: headline,government,usa,russia,cyberwar,military]
+ Dell Says Info Leaked After Hacker Claims Access To 49M Records— [Category: headline,hacker,data loss]
+ Ascension Making Progress After Ransomware Attack— [Category: headline,hacker,malware,cybercrime,data loss,cryptography]
+ Europol Confirms Incident Following Alleged Auction Of Staff Data— [Category: headline,hacker,government,privacy,data loss]
+ Ubuntu Security Notice USN-6770-1—Ubuntu Security Notice 6770-1 - USN-6729-1 fixed vulnerabilities in Apache HTTP Server. The update lead to the discovery of a regression in Fossil wit...
+ Ubuntu Security Notice USN-6769-1—Ubuntu Security Notice 6769-1 - Le Dinh Hai discovered that Spreadsheet::ParseXLSX did not properly manage memory during cell merge operations. An att...
+ Red Hat Security Advisory 2024-2799-03—Red Hat Security Advisory 2024-2799-03 - An update for glibc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues address...
+ Red Hat Security Advisory 2024-2793-03—Red Hat Security Advisory 2024-2793-03 - An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support....
+ Red Hat Security Advisory 2024-2705-03—Red Hat Security Advisory 2024-2705-03 - An update is now available for Red Hat build of Quarkus.
+ Red Hat Security Advisory 2024-2672-03—Red Hat Security Advisory 2024-2672-03 - Red Hat OpenShift Container Platform release 4.14.24 is now available with updates to packages and images tha...
+ Red Hat Security Advisory 2024-2671-03—Red Hat Security Advisory 2024-2671-03 - Red Hat build of MicroShift release 4.14.24 is now available with updates to packages and images that fix sev...
+ Red Hat Security Advisory 2024-2669-03—Red Hat Security Advisory 2024-2669-03 - Red Hat OpenShift Container Platform release 4.15.12 is now available with updates to packages and images tha...
+ Red Hat Security Advisory 2024-2668-03—Red Hat Security Advisory 2024-2668-03 - Red Hat OpenShift Container Platform release 4.14.24 is now available with updates to packages and images tha...
+ Red Hat Security Advisory 2024-2667-03—Red Hat Security Advisory 2024-2667-03 - Red Hat build of MicroShift release 4.15.12 is now available with updates to packages and images that include...
+ Red Hat Security Advisory 2024-2666-03—Red Hat Security Advisory 2024-2666-03 - Red Hat OpenShift Container Platform release 4.14.24 is now available with updates to packages and images tha...
+ Red Hat Security Advisory 2024-2664-03—Red Hat Security Advisory 2024-2664-03 - Red Hat OpenShift Container Platform release 4.15.12 is now available with updates to packages and images tha...
+ 500,000 Impacted By Ohio Lottery Ransomware Attack— [Category: headline,hacker,malware,usa,cybercrime,cryptography]
+ MoD Contractor Hacked By China Failed To Report Breach For Months— [Category: headline,hacker,government,britain,china,cyberwar,military]
+ Ex-White House Election Threat Hunter Weighs In On What To Expect In November— [Category: headline,government,usa,russia,fraud,cyberwar]
+ FBI Working Towards Nabbing Scattered Spider Hackers, Official Says— [Category: headline,hacker,government,usa,fbi]
+ Leaked FBI Email Stresses Need For Warrantless Surveillance Of Americans— [Category: headline,government,privacy,usa,spyware,fbi]
+ Exploited Chrome Zero Day Patched By Google— [Category: headline,flaw,google,patch,chrome]
+ Cybersecurity Incident Impacts Operations At Ascension Hospitals— [Category: headline,hacker,privacy,malware,data loss]
+ World Warned To Prepare For Today's Severe Geomagnetic Storm, First In 20 Years— [Category: headline]
+ GhostStripe Attack Haunts Self-Driving Cars— [Category: headline,hacker,flaw]
+ Openmediavault Remote Code Execution / Local Privilege Escalation—Openmediavault versions prior to 7.0.32 have a vulnerability that occurs when users in the web-admin group enter commands on the crontab by selecting ...
+ RIOT 2024.01 Buffer Overflows / Lack Of Size Checks / Out-Of-Bound Access—RIOT versions 2024.01 and below suffers from multiple buffer overflows, ineffective size checks, and out-of-bounds memory access vulnerabilities.
+ I2P 2.5.1—I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with ...
+ Zed Attack Proxy 2.15.0 Cross Platform Package—The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
+ AIDE 0.18.8—AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrit...
+ Microsoft PlayReady Complete Client Identity Compromise—The Security Explorations team has come up with two attack scenarios that make it possible to extract private ECC keys used by a PlayReady client (Win...
+ Panel Amadey.d.c MVID-2024-0680 Cross Site Scripting—Panel Amadey.d.c malware suffers from cross site scripting vulnerabilities.
+ Clinic Queuing System 1.0 Remote Code Execution—Clinic Queuing System version 1.0 suffers from a remote code execution vulnerability.
+ Debian Security Advisory 5686-1—Debian Linux Security Advisory 5686-1 - Nick Galloway discovered an integer overflow in dav1d, a fast and small AV1 video stream decoder which could r...
+ Ubuntu Security Notice USN-6768-1—Ubuntu Security Notice 6768-1 - Alicia Boya García discovered that GLib incorrectly handled signal subscriptions. A local attacker could use this issu...
+ Debian Security Advisory 5684-1—Debian Linux Security Advisory 5684-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Kacper Kwapisz discovered that...
+ Debian Security Advisory 5682-2—Debian Linux Security Advisory 5682-2 - The update for glib2.0 released as DSA 5682-1 caused a regression in ibus affecting text entry with non-trivia...
+ Debian Security Advisory 5685-1—Debian Linux Security Advisory 5685-1 - Several security vulnerabilities have been discovered in Wordpress, a popular content management framework, wh...
+ Debian Security Advisory 5683-1—Debian Linux Security Advisory 5683-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of ...
+ Gentoo Linux Security Advisory 202405-29—Gentoo Linux Security Advisory 202405-29 - Multiple vulnerabilities have been discovered in Node.js. Versions greater than or equal to 16.20.2 are aff...
+ Gentoo Linux Security Advisory 202405-28—Gentoo Linux Security Advisory 202405-28 - Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root pr...
+ Gentoo Linux Security Advisory 202405-27—Gentoo Linux Security Advisory 202405-27 - A vulnerability has been discovered in Epiphany, which can lead to a buffer overflow. Versions greater than...
+ Gentoo Linux Security Advisory 202405-26—Gentoo Linux Security Advisory 202405-26 - Multiple vulnerabilities have been discovered in qtsvg, the worst of which could lead to a denial of servic...
+ Gentoo Linux Security Advisory 202405-25—Gentoo Linux Security Advisory 202405-25 - Multiple vulnerabilities have been discovered in MariaDB, the worst fo which can lead to arbitrary executio...
+ Gentoo Linux Security Advisory 202405-23—Gentoo Linux Security Advisory 202405-23 - A vulnerability has been discovered in U-Boot tools which can lead to execution of arbitrary code. Version...
+ Gentoo Linux Security Advisory 202405-22—Gentoo Linux Security Advisory 202405-22 - Multiple vulnerabilities have been discovered in rsync, the worst of which can lead to denial of service or...
+ Gentoo Linux Security Advisory 202405-21—Gentoo Linux Security Advisory 202405-21 - A vulnerability has been discovered in Commons-BeanUtils, which could lead to execution of arbitrary code. ...
+ Ubuntu Security Notice USN-6766-1—Ubuntu Security Notice 6766-1 - It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive a...
+ Ubuntu Security Notice USN-6767-1—Ubuntu Security Notice 6767-1 - Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vuln...
+ Debian Security Advisory 5682-1—Debian Linux Security Advisory 5682-1 - Alicia Boya Garcia reported that the GDBus signal subscriptions in the GLib library are prone to a spoofing vu...
+ AWS CloudQuarry: Digging For Secrets In Public AMIs— [Category: headline,amazon,data loss,flaw,password]
+ LockBit Takes Credit For City Of Wichita Ransomware Attack— [Category: headline,malware,cybercrime,cryptography]
+ UK Armed Forces' Personal Data Hacked In MoD Breach— [Category: headline,privacy,britain,data loss,cyberwar,military]
+ TunnelVision DHCP Flaw Lets Attackers Bypass VPNs, Redirect Traffic— [Category: headline,privacy,flaw]
+ Zscaler Investigates Hacking Claims After Data Offered For Sale— [Category: headline,hacker,flaw]
+ Critical Vulnerabilities In BIG-IP Appliances Leave Big Networks Open To Intrusion— [Category: headline,hacker,flaw]
+ One Year On, Universities Org Admits MOVEit Attack Hit Data Of 800k People— [Category: headline,privacy,data loss,flaw]
+ AIDE 0.18.7—AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrit...
+ Systemd Insecure PTY Handling—Systemd-run/run0 allocates user-owned ptys and attaches the slave to high privilege programs without changing ownership or locking the pty slave.
+ Microsoft PlayReady Toolkit—The Microsoft PlayReady toolkit assists with fake client device identity generation, acquisition of license and content keys for encrypted content, an...
+ Docker Privileged Container Kernel Escape—This Metasploit module performs a container escape onto the host as the daemon user. It takes advantage of the SYS_MODULE capability. If that exists a...
+ Gentoo Linux Security Advisory 202405-16—Gentoo Linux Security Advisory 202405-16 - A vulnerability has been discovered in Apache Commons BCEL, which can lead to remote code execution. Versio...
+ Gentoo Linux Security Advisory 202405-15—Gentoo Linux Security Advisory 202405-15 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to remote cod...
+ Gentoo Linux Security Advisory 202405-14—Gentoo Linux Security Advisory 202405-14 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code ...
+ Gentoo Linux Security Advisory 202405-13—Gentoo Linux Security Advisory 202405-13 - A vulnerability has been discovered in borgmatic, which can lead to shell injection. Versions greater than ...
+ Gentoo Linux Security Advisory 202405-12—Gentoo Linux Security Advisory 202405-12 - Multiple vulnerabilities have been discovered in Pillow, the worst of which can lead to arbitrary code exec...
+ Gentoo Linux Security Advisory 202405-11—Gentoo Linux Security Advisory 202405-11 - Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code exe...
+ Gentoo Linux Security Advisory 202405-10—Gentoo Linux Security Advisory 202405-10 - A vulnerability has been discovered in Setuptools, which can lead to denial of service. Versions greater th...
+ Gentoo Linux Security Advisory 202405-09—Gentoo Linux Security Advisory 202405-9 - Multiple vulnerabilities have been found in MediaInfo and MediaInfoLib, the worst of which could allow user-...
+ Gentoo Linux Security Advisory 202405-08—Gentoo Linux Security Advisory 202405-8 - Multiple vulnerabilities have been discovered in strongSwan, the worst of which could possibly lead to remot...
+ Gentoo Linux Security Advisory 202405-07—Gentoo Linux Security Advisory 202405-7 - Multiple vulnerabilities have been discovered in HTMLDOC, the worst of which can lead to arbitrary code exec...
+ Gentoo Linux Security Advisory 202405-06—Gentoo Linux Security Advisory 202405-6 - Multiple vulnerabilities have been discovered in mujs, the worst of which could lead to remote code executio...
+ Gentoo Linux Security Advisory 202405-05—Gentoo Linux Security Advisory 202405-5 - Multiple vulnerabilities have been discovered in MPlayer, the worst of which can lead to arbitrary code exec...
+ Debian Security Advisory 5679-1—Debian Linux Security Advisory 5679-1 - Several vulnerabilities were discovered in less, a file pager, which may result in the execution of arbitrary ...
+ Debian Security Advisory 5678-1—Debian Linux Security Advisory 5678-1 - Several vulnerabilities were discovered in nscd, the Name Service Cache Daemon in the GNU C library which may ...
+ Debian Security Advisory 5677-1—Debian Linux Security Advisory 5677-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in inf...
+ Live2D Cubism Heap Corruption—Live2D Cubism suffers from a heap corruption vulnerability.
+ Gentoo Linux Security Advisory 202405-04—Gentoo Linux Security Advisory 202405-4 - Multiple vulnerabilities have been discovered in systemd, the worst of which can lead to a denial of service...
+ Gentoo Linux Security Advisory 202405-03—Gentoo Linux Security Advisory 202405-3 - A vulnerability has been discovered in Dalli, which can lead to code injection. Versions greater than or equ...
+ Red Hat Security Advisory 2024-2700-03—Red Hat Security Advisory 2024-2700-03 - An update for varnish is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addre...
+ Red Hat Security Advisory 2024-2699-03—Red Hat Security Advisory 2024-2699-03 - An update for git-lfs is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of s...
+ Gentoo Linux Security Advisory 202405-02—Gentoo Linux Security Advisory 202405-2 - Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code exe...
+ RSA Conference 2024: What To Expect— [Category: headline,conference]
+ MS Overhauls Cybersecurity Strategy After Scathing CSRB Report— [Category: headline,hacker,government,microsoft,usa,data loss]
+ US Says North Korean Hackers Exploiting Weak DMARC Settings— [Category: headline,hacker,government,email,flaw,cyberwar,north korea]
+ Iranian Cyberspies Hit Targets With New Backdoors— [Category: headline,hacker,government,spyware,iran,backdoor]
+ Ubuntu Security Notice USN-6757-2—Ubuntu Security Notice 6757-2 - USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, Ubuntu 22.04 ...
+ Ubuntu Security Notice USN-6762-1—Ubuntu Security Notice 6762-1 - It was discovered that GNU C Library incorrectly handled netgroup requests. An attacker could possibly use this issue ...
+ SOPlanning 1.52.00 SQL Injection—SOPlanning version 1.52.00 suffers from a remote SQL injection vulnerability in projects.php.
+ SOPlanning 1.52.00 Cross Site Request Forgery—SOPlanning version 1.52.00 suffers from a cross site request forgery vulnerability in xajax_server.php.
+ SOPlanning 1.52.00 Cross Site Scripting—SOPlanning version 1.52.00 suffers from a cross site scripting vulnerability in groupe_save.php.
+ Red Hat Security Advisory 2024-2679-03—Red Hat Security Advisory 2024-2679-03 - An update for libxml2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-f...
+ Red Hat Security Advisory 2024-2674-03—Red Hat Security Advisory 2024-2674-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
+ Red Hat Security Advisory 2024-2071-03—Red Hat Security Advisory 2024-2071-03 - Red Hat OpenShift Container Platform release 4.15.11 is now available with updates to packages and images tha...
+ Red Hat Security Advisory 2024-2068-03—Red Hat Security Advisory 2024-2068-03 - Red Hat OpenShift Container Platform release 4.15.11 is now available with updates to packages and images tha...
+ Red Hat Security Advisory 2024-2054-03—Red Hat Security Advisory 2024-2054-03 - Red Hat OpenShift Container Platform release 4.14.23 is now available with updates to packages and images tha...
+ Red Hat Security Advisory 2024-2049-03—Red Hat Security Advisory 2024-2049-03 - Red Hat OpenShift Container Platform release 4.13.41 is now available with updates to packages and images tha...
+ Botnet Disrupted By FBI Still Used By Russian Spies, Cybercriminals— [Category: headline,government,usa,russia,cybercrime,botnet,cyberwar,spyware,fbi]
+ Lessons From LOCKED SHIELDS 2024 Cyber Exercise— [Category: headline,government,cyberwar]
+ Microsoft, Google Do A Victory Lap Around Passkeys— [Category: headline,microsoft,google,password]
+ Indonesia Sneakily Buys Spyware, Claims Amnesty International— [Category: headline,government,privacy,spyware,indonesia]
+ Europol Op Shutters 12 Scam Call Centers And Cuffs 21 Suspected Fraudsters— [Category: headline,government,phone,fraud]
+ Debian Security Advisory 5676-1—Debian Linux Security Advisory 5676-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of ...
+ Ubuntu Security Notice USN-6747-2—Ubuntu Security Notice 6747-2 - USN-6747-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the pr...
+ htmlLawed 1.2.5 Remote Command Execution—htmlLawed versions 1.2.5 and below proof of concept remote command execution exploit.
+ Red Hat Security Advisory 2024-2651-03—Red Hat Security Advisory 2024-2651-03 - An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support....
+ Red Hat Security Advisory 2024-2645-03—Red Hat Security Advisory 2024-2645-03 - An update for podman is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
+ 1,400 GitLab Servers Impacted By Exploited Vulnerability— [Category: headline,hacker,data loss,flaw]
+ Hackers Compromised Dropbox eSignature Service— [Category: headline,hacker,flaw]
+ Hacker Free-For-All Fights For Control Of Home And Office Routers Everywhere— [Category: headline,hacker,microsoft,email,spam,botnet]
+ REvil Ransomware Scum Gets 14 Years, $16 Million Fine— [Category: headline,hacker,malware,cybercrime,fraud,cryptography,ukraine]
+ Here's Your Chance To Own A Decommissioned US Government Supercomputer— [Category: headline,government,usa]
+ Packet Storm New Exploits For April, 2024—This archive contains all of the 132 exploits added to Packet Storm in April, 2024.
+ Ubuntu Security Notice USN-6760-1—Ubuntu Security Notice 6760-1 - George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did not properly initialize a data structure wh...
+ Kernel Live Patch Security Notice LSN-0103-1—Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local...
+ Microsoft PlayReady Cryptography Weakness—There is yet another attack possible against Protected Media Path process beyond the one involving two global XOR keys. The new attack may also result...
+ Online Tours And Travels Management System 1.0 SQL Injection—Online Tours and Travels Management System version 1.0 suffers from a remote SQL injection vulnerability.
+ Qantas App Glitch Sees Boarding Passes Fly To Other Accounts— [Category: headline,privacy,data loss,flaw]
+ Adobe Adds Content Credentials And Firefly To Bug Bounty Program— [Category: headline,flaw,adobe]
+ Google Boosts Bug Bounty Payouts Tenfold In Mobile App Security Push— [Category: headline,flaw,google]
+ London Drugs Pharmacy Closes All Stores To Respond To Cyber Incident— [Category: headline,hacker,privacy,britain,data loss]
+ China's Attacks On Critical Infrastructure Tip Of Iceberg— [Category: headline,government,usa,china,cyberwar,scada]
+ Red Hat Security Advisory 2024-2639-03—Red Hat Security Advisory 2024-2639-03 - The Migration Toolkit for Containers 1.7.15 is now available.
+ Red Hat Security Advisory 2024-2633-03—Red Hat Security Advisory 2024-2633-03 - Updated container image for Red Hat Ceph Storage 6.1 is now available in the Red Hat Ecosystem Catalog.
+ Red Hat Security Advisory 2024-2631-03—Red Hat Security Advisory 2024-2631-03 - An update is now available for Red Hat Ceph Storage 6.1 in the Red Hat Ecosystem Catalog.
+ Red Hat Security Advisory 2024-2628-03—Red Hat Security Advisory 2024-2628-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
+ Red Hat Security Advisory 2024-2627-03—Red Hat Security Advisory 2024-2627-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
+ Red Hat Security Advisory 2024-2625-03—Red Hat Security Advisory 2024-2625-03 - An update for rhc-worker-script is now available for Red Hat Enterprise Linux 7. Issues addressed include a d...
+ Red Hat Security Advisory 2024-2624-03—Red Hat Security Advisory 2024-2624-03 - Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP So...
+ Red Hat Security Advisory 2024-2621-03—Red Hat Security Advisory 2024-2621-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addres...
+ Red Hat Security Advisory 2024-2619-03—Red Hat Security Advisory 2024-2619-03 - An update for rh-mysql80-mysql is now available for Red Hat Software Collections.
+ Red Hat Security Advisory 2024-2616-03—Red Hat Security Advisory 2024-2616-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.
+ Red Hat Security Advisory 2024-2587-03—Red Hat Security Advisory 2024-2587-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Supp...
+ Red Hat Security Advisory 2024-2586-03—Red Hat Security Advisory 2024-2586-03 - An update for the container-tools:3.0 module is now available for Red Hat Enterprise Linux 8.4 Advanced Missi...
+ Red Hat Security Advisory 2024-2585-03—Red Hat Security Advisory 2024-2585-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Su...
+ Red Hat Security Advisory 2024-2584-03—Red Hat Security Advisory 2024-2584-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,...
+ Red Hat Security Advisory 2024-2583-03—Red Hat Security Advisory 2024-2583-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Upda...
+ Red Hat Security Advisory 2024-2582-03—Red Hat Security Advisory 2024-2582-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Suppo...
+ Red Hat Security Advisory 2024-2581-03—Red Hat Security Advisory 2024-2581-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed...
+ Red Hat Security Advisory 2024-2580-03—Red Hat Security Advisory 2024-2580-03 - An update for yajl is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addresse...
+ Red Hat Security Advisory 2024-2577-03—Red Hat Security Advisory 2024-2577-03 - An update for shadow-utils is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
+ Red Hat Security Advisory 2024-2575-03—Red Hat Security Advisory 2024-2575-03 - An update for expat is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of ser...
+ Windows PspBuildCreateProcessContext Double-Fetch / Buffer Overflow—Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in PspBuildCrea...
+ Windows NtQueryInformationThread Double-Fetch / Arbitrary Write—Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in NtQueryInfor...
+ undefinedExploiting The NT Kernel In 24H2undefined—This is the full Windows privilege escalation exploit produced from the blog Exploiting the NT Kernel in 24H2: New Bugs in Old Code and Side Channels ...
+ osCommerce 4 Cross Site Scripting—osCommerce version 4 suffers from a cross site scripting vulnerability. Original discovery of cross site scripting in this version is attributed to Cr...
+ Ubuntu Security Notice USN-6758-1—Ubuntu Security Notice 6758-1 - It was discovered that the JSON5 parse method incorrectly handled the parsing of keys named __proto__. An attacker cou...
+ Ubuntu Security Notice USN-6761-1—Ubuntu Security Notice 6761-1 - It was discovered that Anope did not properly process credentials for suspended accounts. An attacker could possibly u...
+ Ubuntu Security Notice USN-6759-1—Ubuntu Security Notice 6759-1 - It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting t...
+ Ubuntu Security Notice USN-6757-1—Ubuntu Security Notice 6757-1 - It was discovered that PHP incorrectly handled PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this is...
+ Red Hat Security Advisory 2024-2528-03—Red Hat Security Advisory 2024-2528-03 - An update for mingw-glib2 is now available for Red Hat Enterprise Linux 9.
+ Red Hat Security Advisory 2024-2525-03—Red Hat Security Advisory 2024-2525-03 - An update for mingw-pixman is now available for Red Hat Enterprise Linux 9. Issues addressed include integer ...
+ Red Hat Security Advisory 2024-2517-03—Red Hat Security Advisory 2024-2517-03 - An update for wpa_supplicant is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypa...
+ Red Hat Security Advisory 2024-2512-03—Red Hat Security Advisory 2024-2512-03 - An update for file is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer over-re...
+ Red Hat Security Advisory 2024-2504-03—Red Hat Security Advisory 2024-2504-03 - An update for libssh is now available for Red Hat Enterprise Linux 9.
+ Red Hat Security Advisory 2024-2483-03—Red Hat Security Advisory 2024-2483-03 - An update for traceroute is now available for Red Hat Enterprise Linux 9.
+ Red Hat Security Advisory 2024-2463-03—Red Hat Security Advisory 2024-2463-03 - An update for systemd is now available for Red Hat Enterprise Linux 9.
+ Red Hat Security Advisory 2024-2456-03—Red Hat Security Advisory 2024-2456-03 - An update for grub2 is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution,...
+ Red Hat Security Advisory 2024-2447-03—Red Hat Security Advisory 2024-2447-03 - An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9. Issues addre...
+ Red Hat Security Advisory 2024-2438-03—Red Hat Security Advisory 2024-2438-03 - An update for pam is now available for Red Hat Enterprise Linux 9.
+ Red Hat Security Advisory 2024-2437-03—Red Hat Security Advisory 2024-2437-03 - An update for exfatprogs is now available for Red Hat Enterprise Linux 9.
+ Red Hat Security Advisory 2024-2433-03—Red Hat Security Advisory 2024-2433-03 - An update for avahi is now available for Red Hat Enterprise Linux 9.
+ Red Hat Security Advisory 2024-2410-03—Red Hat Security Advisory 2024-2410-03 - An update for harfbuzz is now available for Red Hat Enterprise Linux 9.
+ Red Hat Security Advisory 2024-2396-03—Red Hat Security Advisory 2024-2396-03 - An update for squashfs-tools is now available for Red Hat Enterprise Linux 9. Issues addressed include a trav...
+ Red Hat Security Advisory 2024-2394-03—Red Hat Security Advisory 2024-2394-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution...
+ Red Hat Security Advisory 2024-2387-03—Red Hat Security Advisory 2024-2387-03 - An update for mod_jk and mod_proxy_cluster is now available for Red Hat Enterprise Linux 9. Issues addressed ...
+ Red Hat Security Advisory 2024-2377-03—Red Hat Security Advisory 2024-2377-03 - An update for zziplib is now available for Red Hat Enterprise Linux 9.
+ Defending Infrastructure, Securing Systems Key To CISA's New AI Guidelines— [Category: headline,government,usa]
+ Apple's Incredibly Private Safari Is Not So Private In Europe— [Category: headline,privacy,flaw,apple]
+ Hacker Jailed For Blackmailing Therapy Patients— [Category: headline,hacker,privacy,cybercrime,data loss,fraud,finland]
+ UK Outlaws Awful Default Passwords On Connected Devices— [Category: headline,government,britain,password]
+ Vulnerability In R Programming Language Could Fuel Supply Chain Attacks— [Category: headline,flaw]
+ FCC Fines Wireless Carriers For Sharing User Locations Without Consent— [Category: headline,government,privacy,usa,phone]
+ Kemp LoadMaster Unauthenticated Command Injection—This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Kemp LoadMaster in the authorization header after versi...
+ Debian Security Advisory 5675-1—Debian Linux Security Advisory 5675-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of ...
+ Doctor Appointment Management System 1.0 Cross Site Scripting—Doctor Appointment Management System version 1.0 suffers from a cross site scripting vulnerability.
+ Ubuntu Security Notice USN-6744-3—Ubuntu Security Notice 6744-3 - USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Ubuntu 24.04 LTS. Hugo ...
+ Ubuntu Security Notice USN-6734-2—Ubuntu Security Notice 6734-2 - USN-6734-1 fixed vulnerabilities in libvirt. This update provides the corresponding updates for Ubuntu 24.04 LTS. Alex...
+ Ubuntu Security Notice USN-6733-2—Ubuntu Security Notice 6733-2 - USN-6733-1 fixed vulnerabilities in GnuTLS. This update provides the corresponding updates for Ubuntu 24.04 LTS. It wa...
+ Ubuntu Security Notice USN-6718-3—Ubuntu Security Notice 6718-3 - USN-6718-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 24.04 LTS. Dan Fan...
+ Ubuntu Security Notice USN-6729-3—Ubuntu Security Notice 6729-3 - USN-6729-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 24.0...
+ Ubuntu Security Notice USN-6737-2—Ubuntu Security Notice 6737-2 - USN-6737-1 fixed a vulnerability in the GNU C Library. This update provides the corresponding update for Ubuntu 24.04 ...
+ Ubuntu Security Notice USN-6756-1—Ubuntu Security Notice 6756-1 - It was discovered that less mishandled newline characters in file names. If a user or automated system were tricked in...
+ Ubuntu Security Notice USN-6755-1—Ubuntu Security Notice 6755-1 - Ingo Brückl discovered that cpio contained a path traversal vulnerability. If a user or automated system were tricked ...
+ ESET NOD32 Antivirus 17.1.11.0 Unquoted Service Path—ESET NOD32 Antivirus version 17.1.11.0 suffers from an unquoted service path vulnerability.
+ Red Hat Security Advisory 2024-2098-03—Red Hat Security Advisory 2024-2098-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.
+ Red Hat Security Advisory 2024-2097-03—Red Hat Security Advisory 2024-2097-03 - An update for the container-tools:4.0 module is now available for Red Hat Enterprise Linux 8.6 Extended Updat...
+ Red Hat Security Advisory 2024-2088-03—Red Hat Security Advisory 2024-2088-03 - An update is now available for the Red Hat build of Cryostat 2 on RHEL 8. Issues addressed include denial of ...
+ Red Hat Security Advisory 2024-2086-03—Red Hat Security Advisory 2024-2086-03 - An update for shim is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addresse...
+ Red Hat Security Advisory 2024-2079-03—Red Hat Security Advisory 2024-2079-03 - An update for git-lfs is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of s...
+ Red Hat Security Advisory 2024-2077-03—Red Hat Security Advisory 2024-2077-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Extended Upd...
+ Red Hat Security Advisory 2024-1897-03—Red Hat Security Advisory 2024-1897-03 - Red Hat OpenShift Container Platform release 4.14.22 is now available with updates to packages and images tha...
+ Red Hat Security Advisory 2024-1891-03—Red Hat Security Advisory 2024-1891-03 - Red Hat OpenShift Container Platform release 4.14.22 is now available with updates to packages and images tha...
+ OpenAI's ChatGPT Targeted In Austrian Privacy Complaint— [Category: headline,government,privacy]
+ Okta Warns Of Credential Stuffing Attacks Using Tor, Residential Proxies— [Category: headline,hacker,password,identity theft,phish]
+ Watchdog Reveals Google Privacy Sandbox Worries— [Category: headline,privacy,flaw,google]
+ Meta To Face EU Probe For Not Doing Enough To Stop Russian Disinformation— [Category: headline,government,russia,fraud,facebook,social]
+ Ten Years Of Heartbleed: Lessons Learned— [Category: headline,hacker,privacy,data loss,flaw,backdoor]
+ Kaiser Permanente Notifies 13.4M Patients Of Data Exposure— [Category: headline,hacker,privacy,data loss]
+ The Not-So-Silent Type—Whitepaper called The not-so-silent type - Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers.
+ Ubuntu Security Notice USN-6754-1—Ubuntu Security Notice 6754-1 - It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use thi...
+ Ubuntu Security Notice USN-6753-1—Ubuntu Security Notice 6753-1 - Thomas Neil James Shadwell discovered that CryptoJS was using an insecure cryptographic default configuration. A remot...
+ Debian Security Advisory 5674-1—Debian Linux Security Advisory 5674-1 - It was discovered that PDNS Recursor, a resolving name server, was susceptible to denial of service if recursi...
+ Ubuntu Security Notice USN-6751-1—Ubuntu Security Notice 6751-1 - It was discovered that Zabbix incorrectly handled input data in the discovery and graphs pages. A remote authenticated...
+ Ubuntu Security Notice USN-6752-1—Ubuntu Security Notice 6752-1 - It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting t...
+ Red Hat Security Advisory 2024-2066-03—Red Hat Security Advisory 2024-2066-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
+ Red Hat Security Advisory 2024-2064-03—Red Hat Security Advisory 2024-2064-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
+ Red Hat Security Advisory 2024-2063-03—Red Hat Security Advisory 2024-2063-03 - An update for yajl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addresse...
+ Red Hat Security Advisory 2024-2062-03—Red Hat Security Advisory 2024-2062-03 - An update is now available for Service Telemetry Framework 1.5.4 for RHEL 9. Issues addressed include a denia...
+ Red Hat Security Advisory 2024-1899-03—Red Hat Security Advisory 2024-1899-03 - Red Hat OpenShift Container Platform release 4.12.56 is now available with updates to packages and images tha...
+ Red Hat Security Advisory 2024-1896-03—Red Hat Security Advisory 2024-1896-03 - Red Hat OpenShift Container Platform release 4.12.56 is now available with updates to packages and images tha...
+ Red Hat Security Advisory 2024-1892-03—Red Hat Security Advisory 2024-1892-03 - Red Hat OpenShift Container Platform release 4.15.10 is now available with updates to packages and images tha...
+ Red Hat Security Advisory 2024-1887-03—Red Hat Security Advisory 2024-1887-03 - Red Hat OpenShift Container Platform release 4.15.10 is now available with updates to packages and images tha...
+ Powerful Brokewell Android Trojan Allows Device Takeover— [Category: headline,privacy,malware,phone,trojan,data loss,flaw,google,backdoor]
+ Over 1,400 CrushFTP Instances Vulnerable To Exploited 0-Day— [Category: headline,hacker,data loss,flaw]
+ Millions Of IPs Remain Infected By USB Worm Years After Its Creators Left It For Dead— [Category: headline,malware,backdoor]
+ 750 Million Vulnerable To Snooping From Chinese Keyboard Apps— [Category: headline,privacy,china,data loss,flaw]
+ Ubuntu Security Notice USN-6750-1—Ubuntu Security Notice 6750-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted websi...
+ Ubuntu Security Notice USN-6743-3—Ubuntu Security Notice 6743-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sy...
+ Ubuntu Security Notice USN-6657-2—Ubuntu Security Notice 6657-2 - USN-6657-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 16.04 LT...
+ Ubuntu Security Notice USN-6749-1—Ubuntu Security Notice 6749-1 - It was discovered that FreeRDP incorrectly handled certain context resets. If a user were tricked into connecting to a...
+ Red Hat Security Advisory 2024-2060-03—Red Hat Security Advisory 2024-2060-03 - Red Hat OpenShift Virtualization release 4.14.5 is now available with updates to packages and images that fix...
+ Red Hat Security Advisory 2024-2055-03—Red Hat Security Advisory 2024-2055-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.
+ Red Hat Security Advisory 2024-2045-03—Red Hat Security Advisory 2024-2045-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
+ Red Hat Security Advisory 2024-2044-03—Red Hat Security Advisory 2024-2044-03 - An update for gnutls is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addres...
+ Red Hat Security Advisory 2024-2042-03—Red Hat Security Advisory 2024-2042-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Sup...
+ Red Hat Security Advisory 2024-2041-03—Red Hat Security Advisory 2024-2041-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Ent...
+ Red Hat Security Advisory 2024-2040-03—Red Hat Security Advisory 2024-2040-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
+ Red Hat Security Advisory 2024-2039-03—Red Hat Security Advisory 2024-2039-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
+ Red Hat Security Advisory 2024-2038-03—Red Hat Security Advisory 2024-2038-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
+ Red Hat Security Advisory 2024-2037-03—Red Hat Security Advisory 2024-2037-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.
+ Red Hat Security Advisory 2024-2036-03—Red Hat Security Advisory 2024-2036-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
+ PowerVR PMRMMapPMR() Writability Check—PowerVR has a security issue where a writability check in PMRMMapPMR() does not clear VM_MAYWRITE.
+ Nation-State Hackers Exploit Cisco Firewall Zero Days To Backdoor Government Networks— [Category: headline,hacker,government,cyberwar,cisco,backdoor]
+ FTC Sending $5.6 Million To Ring Customers Over Security Failures— [Category: headline,government,privacy,usa,amazon,flaw]
+ Palo Alto Networks Shares Remediation Advice— [Category: headline,flaw]
+ Russia, Iran Pose Most Aggressive Threat To 2024 Election— [Category: headline,government,usa,russia,fraud,cyberwar,iran]
+ Apache Solr Backup/Restore API Remote Code Execution—Apache Solr versions 6.0.0 through 8.11.2 and versions 9.0.0 up to 9.4.1 are affected by an unrestricted file upload vulnerability which can result in...
+ Ubuntu Security Notice USN-6748-1—Ubuntu Security Notice 6748-1 - It was discovered that Sanitize incorrectly handled noscript elements under certain circumstances. An attacker could p...
+ Ubuntu Security Notice USN-6747-1—Ubuntu Security Notice 6747-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, ...
+ Ubuntu Security Notice USN-6742-2—Ubuntu Security Notice 6742-2 - Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol c...
+ Relate Learning And Teaching System SSTI / Remote Code Execution—Relate Learning and Teaching System versions prior to 2024.1 suffers from a server-side template injection vulnerability that leads to remote code exe...
+ Nginx 1.25.5 Host Header Validation—Nginx versions 1.25.5 and below appear to have a host header filtering validation bug that could possibly be used for malice.
+ Red Hat Security Advisory 2024-2033-03—Red Hat Security Advisory 2024-2033-03 - An update for libreswan is now available for Red Hat Enterprise Linux 9.
+ Red Hat Security Advisory 2024-2011-03—Red Hat Security Advisory 2024-2011-03 - Updated Satellite Client packages that fixes Important security bugs and regular bugs are now available for R...
+ Red Hat Security Advisory 2024-2010-03—Red Hat Security Advisory 2024-2010-03 - An update is now available for Red Hat Satellite 6.15. The release contains a new version of Satellite and im...
+ Red Hat Security Advisory 2024-2008-03—Red Hat Security Advisory 2024-2008-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat En...
+ Red Hat Security Advisory 2024-2007-03—Red Hat Security Advisory 2024-2007-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterpri...
+ Red Hat Security Advisory 2024-2006-03—Red Hat Security Advisory 2024-2006-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enter...
+ Red Hat Security Advisory 2024-2005-03—Red Hat Security Advisory 2024-2005-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red H...
+ Red Hat Security Advisory 2024-2004-03—Red Hat Security Advisory 2024-2004-03 - An update for kernel is now available for Red Hat Enterprise Linux 7. Issues addressed include null pointer a...
+ Red Hat Security Advisory 2024-2003-03—Red Hat Security Advisory 2024-2003-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Issues addressed include null pointe...
+ Red Hat Security Advisory 2024-2002-03—Red Hat Security Advisory 2024-2002-03 - An update for grub2 is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow...
+ Red Hat Security Advisory 2024-1999-03—Red Hat Security Advisory 2024-1999-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
+ Red Hat Security Advisory 2024-1998-03—Red Hat Security Advisory 2024-1998-03 - An update for libreswan is available for Red Hat Enterprise Linux 8.
+ Red Hat Security Advisory 2024-1997-03—Red Hat Security Advisory 2024-1997-03 - An update for gnutls is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addres...
+ Red Hat Security Advisory 2024-1994-03—Red Hat Security Advisory 2024-1994-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Extended Upd...
+ Red Hat Security Advisory 2024-1992-03—Red Hat Security Advisory 2024-1992-03 - An update for opencryptoki is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
+ Red Hat Security Advisory 2024-1989-03—Red Hat Security Advisory 2024-1989-03 - An update for less is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
+ Red Hat Security Advisory 2024-1982-03—Red Hat Security Advisory 2024-1982-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission critical Update ...
+ Google Patches Critical Chrome Vulnerability— [Category: headline,flaw,google,patch,chrome]
+ Hackers Are Using Developing Countries For Ransomware Practice— [Category: headline,hacker,malware,cybercrime,fraud,cryptography]
+ North Korean Hackers Hijack Antivirus Updates For Malware Delivery— [Category: headline,hacker,government,malware,flaw,cyberwar,military,north korea]
+ CISA Warns Of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation— [Category: headline,government,microsoft,usa,russia,flaw,cyberwar]
+ US Charges Iranians With Cyber Snooping On Government, Companies— [Category: headline,hacker,government,privacy,usa,cyberwar,spyware,iran]
+ TensorFlow AI Models At Risk Due To Keras API Flaw— [Category: headline,flaw]
+ Nmap Port Scanner 7.95—Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealt...
+ Debian Security Advisory 5673-1—Debian Linux Security Advisory 5673-1 - Charles Fol discovered that the iconv() function in the GNU C library is prone to a buffer overflow vulnerabil...
+ Ubuntu Security Notice USN-6746-1—Ubuntu Security Notice 6746-1 - It was discovered that Google Guest Agent and Google OS Config Agent incorrectly handled certain JSON files. An attack...
+ FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution—A remote SQL injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server) versions 7.2.0 through 7.2.2 and 7.0.1 through 7....
+ Suricata IDPE 7.0.5—Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The ...
+ Debian Security Advisory 5672-1—Debian Linux Security Advisory 5672-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of servic...
+ GitLens Git Local Configuration Execution—GitKraken GitLens versions prior to 14.0.0 allow an untrusted workspace to execute git commands. A repo may include its own .git folder including a ma...
+ Ubuntu Security Notice USN-6728-3—Ubuntu Security Notice 6728-3 - USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on ...
+ Ubuntu Security Notice USN-6743-2—Ubuntu Security Notice 6743-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sy...
+ Visual Studio Code Execution—This Metasploit module creates a vsix file which can be installed in Visual Studio Code as an extension. At activation/install, the extension will exe...
+ Debian Security Advisory 5671-1—Debian Linux Security Advisory 5671-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of servic...
+ Gambio Online Webshop 4.9.2.0 Remote Code Execution—A remote code execution vulnerability in Gambio online webshop versions 4.9.2.0 and below allows remote attackers to run arbitrary commands via an una...
+ Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution—This Metasploit module exploits two vulnerabilities in Palo Alto Networks PAN-OS that allow an unauthenticated attacker to create arbitrarily named fi...
+ Debian Security Advisory 5670-1—Debian Linux Security Advisory 5670-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execut...
+ Ubuntu Security Notice USN-6744-2—Ubuntu Security Notice 6744-2 - USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Pillow in Ubuntu 20.04 ...
+ Palo Alto PAN-OS Command Execution / Arbitrary File Creation—Palo Alto PAN-OS versions prior to 11.1.2-h3 command injection and arbitrary file creation exploit.
+ Ubuntu Security Notice USN-6744-1—Ubuntu Security Notice 6744-1 - Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which ...
+ Ubuntu Security Notice USN-6745-1—Ubuntu Security Notice 6745-1 - It was discovered that in Percona XtraBackup, a local crafted filename could trigger arbitrary code execution.
+ Ubuntu Security Notice USN-6738-1—Ubuntu Security Notice 6738-1 - Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that LXD incorrectly handled the handshake phase and the...
+ Red Hat Security Advisory 2024-1963-03—Red Hat Security Advisory 2024-1963-03 - An update for golang is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of se...
+ Red Hat Security Advisory 2024-1962-03—Red Hat Security Advisory 2024-1962-03 - An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed i...
+ Red Hat Security Advisory 2024-1961-03—Red Hat Security Advisory 2024-1961-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solution...
+ Red Hat Security Advisory 2024-1960-03—Red Hat Security Advisory 2024-1960-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-af...
+ Red Hat Security Advisory 2024-1959-03—Red Hat Security Advisory 2024-1959-03 - An update for shim is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow,...
+ Red Hat Security Advisory 2024-1948-03—Red Hat Security Advisory 2024-1948-03 - An update for Red Hat Build of Apache Camel 3.18 for Quarkus 2.13 is now available. The purpose of this text-...
+ Authorities Investigate LabHost Users After Phishing Service Shutdown— [Category: headline,cybercrime,fraud,phish]
+ Windows Vulnerability Reported By The NSA Exploited To Install Russian Malware— [Category: headline,government,microsoft,usa,russia,flaw,cyberwar,spyware,nsa]
+ UnitedHealth Admits Breach Could Cover Substantial Proportion Of People In America— [Category: headline,hacker,privacy,data loss]
+ Microsoft DRM Hack Could Allow Movie Downloads From Streaming— [Category: headline,microsoft,flaw,pirate]
+ Over A Million Neighbourhood Watch Members Exposed— [Category: headline,privacy,britain,data loss]
+ MITRE Hacked By State Sponsored Group Via Ivanti Zero Days— [Category: headline,hacker,government]
+ Debian Security Advisory 5665-1—Debian Linux Security Advisory 5665-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
+ Debian Security Advisory 5664-1—Debian Linux Security Advisory 5664-1 - Jetty 9 is a Java based web server and servlet engine. It was discovered that remote attackers may leave many ...
+ Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference—Elber Wayber Analog/Digital Audio STL version 4.00 suffers from an unauthenticated device configuration and client-side hidden functionality disclosur...
+ Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass—Elber Wayber Analog/Digital Audio STL version 4.00 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the...
+ Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference—Elber ESE DVB-S/S2 Satellite Receiver version 1.5.x suffers from an unauthenticated device configuration and client-side hidden functionality disclosu...
+ Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass—Elber ESE DVB-S/S2 Satellite Receiver version 1.5.x suffers from an authentication bypass vulnerability through a direct and unauthorized access to th...
+ Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Insecure Direct Object Reference—Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link suffers from an unauthenticated device configuration and client-side hidden functionality disclosu...
+ Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass—Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link suffers from an authentication bypass vulnerability through a direct and unauthorized access to th...
+ Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference—Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an unauthenticated device configuration and client-side hidden functionalit...
+ Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass—Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an authentication bypass vulnerability through a direct and unauthorized ac...
+ Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Insecure Direct Object Reference—Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an unauthenticated device configuration and client-side hidden functionality d...
+ Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass—Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an authentication bypass vulnerability through a direct and unauthorized acces...
+ Ubuntu Security Notice USN-6737-1—Ubuntu Security Notice 6737-1 - Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker c...
+ Clam AntiVirus Toolkit 1.3.1—Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The pa...
+ Ubuntu Security Notice USN-6729-2—Ubuntu Security Notice 6729-2 - USN-6729-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS...
+ Red Hat Security Advisory 2024-1904-03—Red Hat Security Advisory 2024-1904-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Ente...
+ Red Hat Security Advisory 2024-1901-03—Red Hat Security Advisory 2024-1901-03 - OpenShift container images for the Red Hat Service Interconnect 1.5 release.
+ Red Hat Security Advisory 2024-1883-03—Red Hat Security Advisory 2024-1883-03 - An update for shim is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addresse...
+ Red Hat Security Advisory 2024-1882-03—Red Hat Security Advisory 2024-1882-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues add...
+ Red Hat Security Advisory 2024-1881-03—Red Hat Security Advisory 2024-1881-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addres...
+ Red Hat Security Advisory 2024-1880-03—Red Hat Security Advisory 2024-1880-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support....
+ Red Hat Security Advisory 2024-1879-03—Red Hat Security Advisory 2024-1879-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9. Issues addressed include an information...
+ Red Hat Security Advisory 2024-1878-03—Red Hat Security Advisory 2024-1878-03 - An updated version of Red Hat Update Infrastructure is now available. RHUI 4.8 fixes several security an oper...
+ Red Hat Security Advisory 2024-1877-03—Red Hat Security Advisory 2024-1877-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addres...
+ Red Hat Security Advisory 2024-1876-03—Red Hat Security Advisory 2024-1876-03 - An update for shim is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addresse...
+ Russia's Sandworm APT Linked To Attack On Texas Water Plant— [Category: headline,malware,usa,russia,cyberwar,scada]
+ EU Tells Meta It Can't Paywall Privacy— [Category: headline,government,privacy,facebook,social]
+ Kremlin-Backed Actors Spread Disinformation Ahead Of US Elections— [Category: headline,government,usa,russia,fraud,cyberwar]
+ Lawmakers Are Kicking Warrantless Wiretapping Into Overdrive— [Category: headline,government,privacy,usa,phone,spyware]
+ Five Eyes Agencies Release New AI Security Guidance— [Category: headline,government]
+ Phishing Platform LabHost Shut Down By Law Enforcement— [Category: headline,government,fraud,phish]
+ Palo Alto OS Command Injection—Palo Alto OS was recently hit by a command injection zero day attack. These are exploitation details related to the zero day.
+ Palo Alto OS Command Injection Proof Of Concept—This is a scanning script to validate vulnerable Palo Alto OS systems for the recent zero day command injection vulnerability.
+ pgAdmin 8.3 Remote Code Execution—pgAdmin versions 8.3 and below have a path traversal vulnerability within their session management logic that can allow a pickled file to be loaded fr...
+ Debian Security Advisory 5655-2—Debian Linux Security Advisory 5655-2 - The update of cockpit released in DSA 5655-1 did not correctly build binary packages due to unit test failures...
+ Debian Security Advisory 5662-1—Debian Linux Security Advisory 5662-1 - Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response spl...
+ Ubuntu Security Notice USN-6726-3—Ubuntu Security Notice 6726-3 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero...
+ Ubuntu Security Notice USN-6726-2—Ubuntu Security Notice 6726-2 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero...
+ Ubuntu Security Notice USN-6725-2—Ubuntu Security Notice 6725-2 - Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data str...
+ Ubuntu Security Notice USN-6724-2—Ubuntu Security Notice 6724-2 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero...
+ Red Hat Security Advisory 2024-1868-03—Red Hat Security Advisory 2024-1868-03 - An update is now available for Red Hat build of Keycloak. Issues addressed include bypass, cross site scripti...
+ Red Hat Security Advisory 2024-1865-03—Red Hat Security Advisory 2024-1865-03 - Red Hat Single Sign-On 7.6.8 Operator enhancement and security update.
+ Red Hat Security Advisory 2024-1859-03—Red Hat Security Advisory 2024-1859-03 - OpenShift API for Data Protection 1.3.1 is now available. Issues addressed include a denial of service vulner...
+ Red Hat Security Advisory 2024-1856-03—Red Hat Security Advisory 2024-1856-03 - An update for opencryptoki is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
+ Red Hat Security Advisory 2024-1846-03—Red Hat Security Advisory 2024-1846-03 - An update for pcs is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed...
+ Red Hat Security Advisory 2024-1841-03—Red Hat Security Advisory 2024-1841-03 - An update for pcs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed...
+ Red Hat Security Advisory 2024-1840-03—Red Hat Security Advisory 2024-1840-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
+ Red Hat Security Advisory 2024-1836-03—Red Hat Security Advisory 2024-1836-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
+ Red Hat Security Advisory 2024-1835-03—Red Hat Security Advisory 2024-1835-03 - An update for shim is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addresse...
+ Red Hat Security Advisory 2024-1834-03—Red Hat Security Advisory 2024-1834-03 - An update for shim is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterpr...
+ Red Hat Security Advisory 2024-1833-03—Red Hat Security Advisory 2024-1833-03 - An update for squid is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues address...
+ Red Hat Security Advisory 2024-1832-03—Red Hat Security Advisory 2024-1832-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical ...
+ Red Hat Security Advisory 2024-1770-03—Red Hat Security Advisory 2024-1770-03 - Red Hat OpenShift Container Platform release 4.15.9 is now available with updates to packages and images that...
+ Scammers Offer Cash To Phone Carrier Staff To Swap SIM Cards— [Category: headline,phone,cybercrime,fraud,password]
+ Ivanti Patches 27 Vulns In Avalanche MDM Product— [Category: headline,flaw,patch]
+ Attackers Are Pummeling Networks Around The World With Millions Of Login Attempts— [Category: headline,hacker,password]
+ Recent OT And Espionage Attacks Linked To Russia's Sandworm, Now Named APT44— [Category: headline,hacker,government,malware,cyberwar,spyware]
+ OpenAI's ChatGPT Can Exploit Real Vulnerabilities By Reading Advisories— [Category: headline,flaw,science]
+ Debian Security Advisory 5661-1—Debian Linux Security Advisory 5661-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which...
+ Debian Security Advisory 5660-1—Debian Linux Security Advisory 5660-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which...
+ Centreon 23.10-1.el8 SQL Injection—Centreon version 23.10-1.el8 suffers from a remote authenticated SQL injection vulnerability.
+ Backdoor.Win32.Dumador.c MVID-2024-0679 Buffer Overflow—Backdoor.Win32.Dumador.c malware suffers from a buffer overflow vulnerability.
+ Ubuntu Security Notice USN-6736-1—Ubuntu Security Notice 6736-1 - It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. An attacker could use this iss...
+ Ubuntu Security Notice USN-6735-1—Ubuntu Security Notice 6735-1 - It was discovered that Node.js incorrectly handled the use of invalid public keys while creating an x509 certificate. ...
+ Ubuntu Security Notice USN-6734-1—Ubuntu Security Notice 6734-1 - Alexander Kuznetsov discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this...
+ Ubuntu Security Notice USN-6733-1—Ubuntu Security Notice 6733-1 - It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker co...
+ Ubuntu Security Notice USN-6732-1—Ubuntu Security Notice 6732-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewi...
+ Red Hat Security Advisory 2024-1831-03—Red Hat Security Advisory 2024-1831-03 - An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Issues addre...
+ Google Location Tracking Deal Could Be Derailed By Politics— [Category: headline,government,privacy,google,spyware]
+ Cryptojacker Arrested For Defrauding Cloud Providers Of $3.5 Million— [Category: headline,hacker,cybercrime,fraud,cryptography]
+ Delinea Scrambles To Patch Critical Flaw After Ignoring Researcher— [Category: headline,hacker,flaw,patch]
+ AI Watchdog Defends Against New LLM Jailbreak Method— [Category: headline,hacker,microsoft,flaw]
+ Amazon AWS Glue Database Password Disclosure—The password of database connections in AWS Glue is loaded into the website when a connection's edit page is requested. Principals with appropriate pe...
+ CrushFTP Remote Code Execution—This Metasploit exploit module leverages an improperly controlled modification of dynamically-determined object attributes vulnerability (CVE-2023-431...
+ American Fuzzy Lop plus plus 4.20c—Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ ...
+ Debian Security Advisory 5659-1—Debian Linux Security Advisory 5659-1 - Bartek Nowotarski discovered that Apache Traffic Server, a reverse and forward proxy server, was susceptible t...
+ OpenSSH 8 Password Backdoor—This is a backdoored version of openssh-8.0p1 where the ssh client will log the ssh username and ssh password into /opt/.../log.txt.
+ Ubuntu Security Notice USN-6731-1—Ubuntu Security Notice 6731-1 - It was discovered that YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows att...
+ GLPI 10.x.x Remote Command Execution—GLPI versions 10.x.x suffers from a remote command execution vulnerability via the shell commands plugin.
+ WordPress WP Video Playlist 1.1.1 Cross Site Scripting—WordPress WP Video Playlist plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
+ Debian Security Advisory 5658-1txt—Debian Linux Security Advisory 5658-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, deni...
+ BMC Compuware iStrobe Web 20.13 Shell Upload—BMC Compuware iStrobe Web version 20.13 suffers from a remote shell upload vulnerability.
+ Kruxton 1.0 SQL Injection—Kruxton version 1.0 suffers from a remote SQL injection vulnerability.
+ Kruxton 1.0 Shell Upload—Kruxton version 1.0 suffers from a remote shell upload vulnerability.
+ WBCE 1.6.0 SQL Injection—WBCE version 1.6.0 suffers from a remote SQL injection vulnerability.
+ AMPLE BILLS 0.1 SQL injection—AMPLE BILLS version 0.1 suffers from a remote SQL injection vulnerability.
+ Debian Security Advisory 5657-1—Debian Linux Security Advisory 5657-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the ...
+ PrusaSlicer 2.6.1 Arbitrary Code Execution—PrusaSlicer versions 2.6.1 and below suffer from an arbitrary code execution vulnerability.
+ Red Hat Security Advisory 2024-1812-03—Red Hat Security Advisory 2024-1812-03 - Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates. Issues addressed include...
+ Moodle 3.10.1 SQL Injection—Moodle version 3.10.1 suffers from a remote time-based SQL injection vulnerability.
+ Django REST Framework SimpleJWT 5.3.1 Information Disclosure—Django REST Framework SimpleJWT versions 5.3.1 and below suffer from an information disclosure vulnerability.
+ Red Hat Security Advisory 2024-1804-03—Red Hat Security Advisory 2024-1804-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
+ Red Hat Security Advisory 2024-1803-03—Red Hat Security Advisory 2024-1803-03 - Updates for bind and bind-dyndb-ldap are now available for Red Hat Enterprise Linux 9.2 Extended Update Suppo...
+ Jenkins 2.441 Local File Inclusion—Jenkins version 2.441 suffers from a local file inclusion vulnerability.
+ Red Hat Security Advisory 2024-1802-03—Red Hat Security Advisory 2024-1802-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
+ Red Hat Security Advisory 2024-1801-03—Red Hat Security Advisory 2024-1801-03 - An update for unbound is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
+ Red Hat Security Advisory 2024-1800-03—Red Hat Security Advisory 2024-1800-03 - Updates for bind and bind-dyndb-ldap are now available for Red Hat Enterprise Linux 9.0 Extended Update Suppo...
+ Juniper Networks Publishes Dozens Of New Security Advisories— [Category: headline,flaw,juniper]
+ Ransomware Group Claims Theft Of Data From Chipmaker Nexperia— [Category: headline,hacker,malware,data loss,cryptography]
+ Palo Alto Networks Releases Fixes For Firewall Zero-Day As Attribution Attempts Emerge— [Category: headline,flaw,patch,zero day]
+ Roku Makes 2FA Mandatory For All After Nearly 600k Accounts Pwned— [Category: headline,hacker,data loss,flaw,password]
+ Delinea Secret Server Customers Should Apply Latest Patches— [Category: headline,flaw,patch]

As of 5/16/24 6:18am. Last new 5/15/24 11:15am. Score: 202

Next feed in category: Microsoft Support Content - Windows 10/11