CCnews CampusCoin Student Feed Aggregator: Packet Storm Security

Packet Storm Security

+ Apache Solr Backup/Restore API Remote Code Execution—Apache Solr versions 6.0.0 through 8.11.2 and versions 9.0.0 up to 9.4.1 are affected by an unrestricted file upload vulnerability which can result in...
+ Ubuntu Security Notice USN-6748-1—Ubuntu Security Notice 6748-1 - It was discovered that Sanitize incorrectly handled noscript elements under certain circumstances. An attacker could p...
+ Ubuntu Security Notice USN-6747-1—Ubuntu Security Notice 6747-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, ...
+ Ubuntu Security Notice USN-6742-2—Ubuntu Security Notice 6742-2 - Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol c...
+ Relate Learning And Teaching System SSTI / Remote Code Execution—Relate Learning and Teaching System versions prior to 2024.1 suffers from a server-side template injection vulnerability that leads to remote code exe...
+ Nginx 1.25.5 Host Header Validation—Nginx versions 1.25.5 and below appear to have a host header filtering validation bug that could possibly be used for malice.
+ Red Hat Security Advisory 2024-2033-03—Red Hat Security Advisory 2024-2033-03 - An update for libreswan is now available for Red Hat Enterprise Linux 9.
+ Red Hat Security Advisory 2024-2011-03—Red Hat Security Advisory 2024-2011-03 - Updated Satellite Client packages that fixes Important security bugs and regular bugs are now available for R...
+ Red Hat Security Advisory 2024-2010-03—Red Hat Security Advisory 2024-2010-03 - An update is now available for Red Hat Satellite 6.15. The release contains a new version of Satellite and im...
+ Red Hat Security Advisory 2024-2008-03—Red Hat Security Advisory 2024-2008-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat En...
+ Red Hat Security Advisory 2024-2007-03—Red Hat Security Advisory 2024-2007-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterpri...
+ Red Hat Security Advisory 2024-2006-03—Red Hat Security Advisory 2024-2006-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enter...
+ Red Hat Security Advisory 2024-2005-03—Red Hat Security Advisory 2024-2005-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red H...
+ Red Hat Security Advisory 2024-2004-03—Red Hat Security Advisory 2024-2004-03 - An update for kernel is now available for Red Hat Enterprise Linux 7. Issues addressed include null pointer a...
+ Red Hat Security Advisory 2024-2003-03—Red Hat Security Advisory 2024-2003-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Issues addressed include null pointe...
+ Red Hat Security Advisory 2024-2002-03—Red Hat Security Advisory 2024-2002-03 - An update for grub2 is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow...
+ Red Hat Security Advisory 2024-1999-03—Red Hat Security Advisory 2024-1999-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
+ Red Hat Security Advisory 2024-1998-03—Red Hat Security Advisory 2024-1998-03 - An update for libreswan is available for Red Hat Enterprise Linux 8.
+ Red Hat Security Advisory 2024-1997-03—Red Hat Security Advisory 2024-1997-03 - An update for gnutls is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addres...
+ Red Hat Security Advisory 2024-1994-03—Red Hat Security Advisory 2024-1994-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Extended Upd...
+ Red Hat Security Advisory 2024-1992-03—Red Hat Security Advisory 2024-1992-03 - An update for opencryptoki is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
+ Red Hat Security Advisory 2024-1989-03—Red Hat Security Advisory 2024-1989-03 - An update for less is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
+ Red Hat Security Advisory 2024-1982-03—Red Hat Security Advisory 2024-1982-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission critical Update ...
+ Google Patches Critical Chrome Vulnerability— [Category: headline,flaw,google,patch,chrome]
+ Hackers Are Using Developing Countries For Ransomware Practice— [Category: headline,hacker,malware,cybercrime,fraud,cryptography]
+ North Korean Hackers Hijack Antivirus Updates For Malware Delivery— [Category: headline,hacker,government,malware,flaw,cyberwar,military,north korea]
+ CISA Warns Of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation— [Category: headline,government,microsoft,usa,russia,flaw,cyberwar]
+ US Charges Iranians With Cyber Snooping On Government, Companies— [Category: headline,hacker,government,privacy,usa,cyberwar,spyware,iran]
+ TensorFlow AI Models At Risk Due To Keras API Flaw— [Category: headline,flaw]
+ Nmap Port Scanner 7.95—Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealt...
+ Debian Security Advisory 5673-1—Debian Linux Security Advisory 5673-1 - Charles Fol discovered that the iconv() function in the GNU C library is prone to a buffer overflow vulnerabil...
+ Ubuntu Security Notice USN-6746-1—Ubuntu Security Notice 6746-1 - It was discovered that Google Guest Agent and Google OS Config Agent incorrectly handled certain JSON files. An attack...
+ FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution—A remote SQL injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server) versions 7.2.0 through 7.2.2 and 7.0.1 through 7....
+ Suricata IDPE 7.0.5—Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The ...
+ Debian Security Advisory 5672-1—Debian Linux Security Advisory 5672-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of servic...
+ GitLens Git Local Configuration Execution—GitKraken GitLens versions prior to 14.0.0 allow an untrusted workspace to execute git commands. A repo may include its own .git folder including a ma...
+ Ubuntu Security Notice USN-6728-3—Ubuntu Security Notice 6728-3 - USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on ...
+ Ubuntu Security Notice USN-6743-2—Ubuntu Security Notice 6743-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sy...
+ Visual Studio Code Execution—This Metasploit module creates a vsix file which can be installed in Visual Studio Code as an extension. At activation/install, the extension will exe...
+ Debian Security Advisory 5671-1—Debian Linux Security Advisory 5671-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of servic...
+ Gambio Online Webshop 4.9.2.0 Remote Code Execution—A remote code execution vulnerability in Gambio online webshop versions 4.9.2.0 and below allows remote attackers to run arbitrary commands via an una...
+ Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution—This Metasploit module exploits two vulnerabilities in Palo Alto Networks PAN-OS that allow an unauthenticated attacker to create arbitrarily named fi...
+ Debian Security Advisory 5670-1—Debian Linux Security Advisory 5670-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execut...
+ Ubuntu Security Notice USN-6744-2—Ubuntu Security Notice 6744-2 - USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Pillow in Ubuntu 20.04 ...
+ Palo Alto PAN-OS Command Execution / Arbitrary File Creation—Palo Alto PAN-OS versions prior to 11.1.2-h3 command injection and arbitrary file creation exploit.
+ Ubuntu Security Notice USN-6744-1—Ubuntu Security Notice 6744-1 - Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which ...
+ Ubuntu Security Notice USN-6745-1—Ubuntu Security Notice 6745-1 - It was discovered that in Percona XtraBackup, a local crafted filename could trigger arbitrary code execution.
+ Ubuntu Security Notice USN-6738-1—Ubuntu Security Notice 6738-1 - Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that LXD incorrectly handled the handshake phase and the...
+ Red Hat Security Advisory 2024-1963-03—Red Hat Security Advisory 2024-1963-03 - An update for golang is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of se...
+ Red Hat Security Advisory 2024-1962-03—Red Hat Security Advisory 2024-1962-03 - An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed i...
+ Red Hat Security Advisory 2024-1961-03—Red Hat Security Advisory 2024-1961-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solution...
+ Red Hat Security Advisory 2024-1960-03—Red Hat Security Advisory 2024-1960-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-af...
+ Red Hat Security Advisory 2024-1959-03—Red Hat Security Advisory 2024-1959-03 - An update for shim is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow,...
+ Red Hat Security Advisory 2024-1948-03—Red Hat Security Advisory 2024-1948-03 - An update for Red Hat Build of Apache Camel 3.18 for Quarkus 2.13 is now available. The purpose of this text-...
+ Authorities Investigate LabHost Users After Phishing Service Shutdown— [Category: headline,cybercrime,fraud,phish]
+ Windows Vulnerability Reported By The NSA Exploited To Install Russian Malware— [Category: headline,government,microsoft,usa,russia,flaw,cyberwar,spyware,nsa]
+ UnitedHealth Admits Breach Could Cover Substantial Proportion Of People In America— [Category: headline,hacker,privacy,data loss]
+ Microsoft DRM Hack Could Allow Movie Downloads From Streaming— [Category: headline,microsoft,flaw,pirate]
+ Over A Million Neighbourhood Watch Members Exposed— [Category: headline,privacy,britain,data loss]
+ MITRE Hacked By State Sponsored Group Via Ivanti Zero Days— [Category: headline,hacker,government]
+ Debian Security Advisory 5665-1—Debian Linux Security Advisory 5665-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
+ Debian Security Advisory 5664-1—Debian Linux Security Advisory 5664-1 - Jetty 9 is a Java based web server and servlet engine. It was discovered that remote attackers may leave many ...
+ Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference—Elber Wayber Analog/Digital Audio STL version 4.00 suffers from an unauthenticated device configuration and client-side hidden functionality disclosur...
+ Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass—Elber Wayber Analog/Digital Audio STL version 4.00 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the...
+ Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference—Elber ESE DVB-S/S2 Satellite Receiver version 1.5.x suffers from an unauthenticated device configuration and client-side hidden functionality disclosu...
+ Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass—Elber ESE DVB-S/S2 Satellite Receiver version 1.5.x suffers from an authentication bypass vulnerability through a direct and unauthorized access to th...
+ Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Insecure Direct Object Reference—Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link suffers from an unauthenticated device configuration and client-side hidden functionality disclosu...
+ Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass—Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link suffers from an authentication bypass vulnerability through a direct and unauthorized access to th...
+ Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference—Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an unauthenticated device configuration and client-side hidden functionalit...
+ Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass—Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an authentication bypass vulnerability through a direct and unauthorized ac...
+ Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Insecure Direct Object Reference—Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an unauthenticated device configuration and client-side hidden functionality d...
+ Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass—Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an authentication bypass vulnerability through a direct and unauthorized acces...
+ Ubuntu Security Notice USN-6737-1—Ubuntu Security Notice 6737-1 - Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker c...
+ Clam AntiVirus Toolkit 1.3.1—Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The pa...
+ Ubuntu Security Notice USN-6729-2—Ubuntu Security Notice 6729-2 - USN-6729-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS...
+ Red Hat Security Advisory 2024-1904-03—Red Hat Security Advisory 2024-1904-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Ente...
+ Red Hat Security Advisory 2024-1901-03—Red Hat Security Advisory 2024-1901-03 - OpenShift container images for the Red Hat Service Interconnect 1.5 release.
+ Red Hat Security Advisory 2024-1883-03—Red Hat Security Advisory 2024-1883-03 - An update for shim is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addresse...
+ Red Hat Security Advisory 2024-1882-03—Red Hat Security Advisory 2024-1882-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues add...
+ Red Hat Security Advisory 2024-1881-03—Red Hat Security Advisory 2024-1881-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addres...
+ Red Hat Security Advisory 2024-1880-03—Red Hat Security Advisory 2024-1880-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support....
+ Red Hat Security Advisory 2024-1879-03—Red Hat Security Advisory 2024-1879-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9. Issues addressed include an information...
+ Red Hat Security Advisory 2024-1878-03—Red Hat Security Advisory 2024-1878-03 - An updated version of Red Hat Update Infrastructure is now available. RHUI 4.8 fixes several security an oper...
+ Red Hat Security Advisory 2024-1877-03—Red Hat Security Advisory 2024-1877-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addres...
+ Red Hat Security Advisory 2024-1876-03—Red Hat Security Advisory 2024-1876-03 - An update for shim is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addresse...
+ Russia's Sandworm APT Linked To Attack On Texas Water Plant— [Category: headline,malware,usa,russia,cyberwar,scada]
+ EU Tells Meta It Can't Paywall Privacy— [Category: headline,government,privacy,facebook,social]
+ Kremlin-Backed Actors Spread Disinformation Ahead Of US Elections— [Category: headline,government,usa,russia,fraud,cyberwar]
+ Lawmakers Are Kicking Warrantless Wiretapping Into Overdrive— [Category: headline,government,privacy,usa,phone,spyware]
+ Five Eyes Agencies Release New AI Security Guidance— [Category: headline,government]
+ Phishing Platform LabHost Shut Down By Law Enforcement— [Category: headline,government,fraud,phish]
+ Palo Alto OS Command Injection—Palo Alto OS was recently hit by a command injection zero day attack. These are exploitation details related to the zero day.
+ Palo Alto OS Command Injection Proof Of Concept—This is a scanning script to validate vulnerable Palo Alto OS systems for the recent zero day command injection vulnerability.
+ pgAdmin 8.3 Remote Code Execution—pgAdmin versions 8.3 and below have a path traversal vulnerability within their session management logic that can allow a pickled file to be loaded fr...
+ Debian Security Advisory 5655-2—Debian Linux Security Advisory 5655-2 - The update of cockpit released in DSA 5655-1 did not correctly build binary packages due to unit test failures...
+ Debian Security Advisory 5662-1—Debian Linux Security Advisory 5662-1 - Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response spl...
+ Ubuntu Security Notice USN-6726-3—Ubuntu Security Notice 6726-3 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero...
+ Ubuntu Security Notice USN-6726-2—Ubuntu Security Notice 6726-2 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero...
+ Ubuntu Security Notice USN-6725-2—Ubuntu Security Notice 6725-2 - Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data str...
+ Ubuntu Security Notice USN-6724-2—Ubuntu Security Notice 6724-2 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero...
+ Red Hat Security Advisory 2024-1868-03—Red Hat Security Advisory 2024-1868-03 - An update is now available for Red Hat build of Keycloak. Issues addressed include bypass, cross site scripti...
+ Red Hat Security Advisory 2024-1865-03—Red Hat Security Advisory 2024-1865-03 - Red Hat Single Sign-On 7.6.8 Operator enhancement and security update.
+ Red Hat Security Advisory 2024-1859-03—Red Hat Security Advisory 2024-1859-03 - OpenShift API for Data Protection 1.3.1 is now available. Issues addressed include a denial of service vulner...
+ Red Hat Security Advisory 2024-1856-03—Red Hat Security Advisory 2024-1856-03 - An update for opencryptoki is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
+ Red Hat Security Advisory 2024-1846-03—Red Hat Security Advisory 2024-1846-03 - An update for pcs is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed...
+ Red Hat Security Advisory 2024-1841-03—Red Hat Security Advisory 2024-1841-03 - An update for pcs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed...
+ Red Hat Security Advisory 2024-1840-03—Red Hat Security Advisory 2024-1840-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
+ Red Hat Security Advisory 2024-1836-03—Red Hat Security Advisory 2024-1836-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
+ Red Hat Security Advisory 2024-1835-03—Red Hat Security Advisory 2024-1835-03 - An update for shim is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addresse...
+ Red Hat Security Advisory 2024-1834-03—Red Hat Security Advisory 2024-1834-03 - An update for shim is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterpr...
+ Red Hat Security Advisory 2024-1833-03—Red Hat Security Advisory 2024-1833-03 - An update for squid is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues address...
+ Red Hat Security Advisory 2024-1832-03—Red Hat Security Advisory 2024-1832-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical ...
+ Red Hat Security Advisory 2024-1770-03—Red Hat Security Advisory 2024-1770-03 - Red Hat OpenShift Container Platform release 4.15.9 is now available with updates to packages and images that...
+ Scammers Offer Cash To Phone Carrier Staff To Swap SIM Cards— [Category: headline,phone,cybercrime,fraud,password]
+ Ivanti Patches 27 Vulns In Avalanche MDM Product— [Category: headline,flaw,patch]
+ Attackers Are Pummeling Networks Around The World With Millions Of Login Attempts— [Category: headline,hacker,password]
+ Recent OT And Espionage Attacks Linked To Russia's Sandworm, Now Named APT44— [Category: headline,hacker,government,malware,cyberwar,spyware]
+ OpenAI's ChatGPT Can Exploit Real Vulnerabilities By Reading Advisories— [Category: headline,flaw,science]
+ Debian Security Advisory 5661-1—Debian Linux Security Advisory 5661-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which...
+ Debian Security Advisory 5660-1—Debian Linux Security Advisory 5660-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which...
+ Centreon 23.10-1.el8 SQL Injection—Centreon version 23.10-1.el8 suffers from a remote authenticated SQL injection vulnerability.
+ Backdoor.Win32.Dumador.c MVID-2024-0679 Buffer Overflow—Backdoor.Win32.Dumador.c malware suffers from a buffer overflow vulnerability.
+ Ubuntu Security Notice USN-6736-1—Ubuntu Security Notice 6736-1 - It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. An attacker could use this iss...
+ Ubuntu Security Notice USN-6735-1—Ubuntu Security Notice 6735-1 - It was discovered that Node.js incorrectly handled the use of invalid public keys while creating an x509 certificate. ...
+ Ubuntu Security Notice USN-6734-1—Ubuntu Security Notice 6734-1 - Alexander Kuznetsov discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this...
+ Ubuntu Security Notice USN-6733-1—Ubuntu Security Notice 6733-1 - It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker co...
+ Ubuntu Security Notice USN-6732-1—Ubuntu Security Notice 6732-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewi...
+ Red Hat Security Advisory 2024-1831-03—Red Hat Security Advisory 2024-1831-03 - An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Issues addre...
+ Google Location Tracking Deal Could Be Derailed By Politics— [Category: headline,government,privacy,google,spyware]
+ Cryptojacker Arrested For Defrauding Cloud Providers Of $3.5 Million— [Category: headline,hacker,cybercrime,fraud,cryptography]
+ Delinea Scrambles To Patch Critical Flaw After Ignoring Researcher— [Category: headline,hacker,flaw,patch]
+ AI Watchdog Defends Against New LLM Jailbreak Method— [Category: headline,hacker,microsoft,flaw]
+ Amazon AWS Glue Database Password Disclosure—The password of database connections in AWS Glue is loaded into the website when a connection's edit page is requested. Principals with appropriate pe...
+ CrushFTP Remote Code Execution—This Metasploit exploit module leverages an improperly controlled modification of dynamically-determined object attributes vulnerability (CVE-2023-431...
+ American Fuzzy Lop plus plus 4.20c—Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ ...
+ Debian Security Advisory 5659-1—Debian Linux Security Advisory 5659-1 - Bartek Nowotarski discovered that Apache Traffic Server, a reverse and forward proxy server, was susceptible t...
+ OpenSSH 8 Password Backdoor—This is a backdoored version of openssh-8.0p1 where the ssh client will log the ssh username and ssh password into /opt/.../log.txt.
+ Ubuntu Security Notice USN-6731-1—Ubuntu Security Notice 6731-1 - It was discovered that YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows att...
+ GLPI 10.x.x Remote Command Execution—GLPI versions 10.x.x suffers from a remote command execution vulnerability via the shell commands plugin.
+ WordPress WP Video Playlist 1.1.1 Cross Site Scripting—WordPress WP Video Playlist plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
+ Debian Security Advisory 5658-1txt—Debian Linux Security Advisory 5658-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, deni...
+ BMC Compuware iStrobe Web 20.13 Shell Upload—BMC Compuware iStrobe Web version 20.13 suffers from a remote shell upload vulnerability.
+ Kruxton 1.0 SQL Injection—Kruxton version 1.0 suffers from a remote SQL injection vulnerability.
+ Kruxton 1.0 Shell Upload—Kruxton version 1.0 suffers from a remote shell upload vulnerability.
+ WBCE 1.6.0 SQL Injection—WBCE version 1.6.0 suffers from a remote SQL injection vulnerability.
+ AMPLE BILLS 0.1 SQL injection—AMPLE BILLS version 0.1 suffers from a remote SQL injection vulnerability.
+ Debian Security Advisory 5657-1—Debian Linux Security Advisory 5657-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the ...
+ PrusaSlicer 2.6.1 Arbitrary Code Execution—PrusaSlicer versions 2.6.1 and below suffer from an arbitrary code execution vulnerability.
+ Red Hat Security Advisory 2024-1812-03—Red Hat Security Advisory 2024-1812-03 - Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates. Issues addressed include...
+ Moodle 3.10.1 SQL Injection—Moodle version 3.10.1 suffers from a remote time-based SQL injection vulnerability.
+ Django REST Framework SimpleJWT 5.3.1 Information Disclosure—Django REST Framework SimpleJWT versions 5.3.1 and below suffer from an information disclosure vulnerability.
+ Red Hat Security Advisory 2024-1804-03—Red Hat Security Advisory 2024-1804-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
+ Red Hat Security Advisory 2024-1803-03—Red Hat Security Advisory 2024-1803-03 - Updates for bind and bind-dyndb-ldap are now available for Red Hat Enterprise Linux 9.2 Extended Update Suppo...
+ Jenkins 2.441 Local File Inclusion—Jenkins version 2.441 suffers from a local file inclusion vulnerability.
+ Red Hat Security Advisory 2024-1802-03—Red Hat Security Advisory 2024-1802-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
+ Red Hat Security Advisory 2024-1801-03—Red Hat Security Advisory 2024-1801-03 - An update for unbound is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
+ Red Hat Security Advisory 2024-1800-03—Red Hat Security Advisory 2024-1800-03 - Updates for bind and bind-dyndb-ldap are now available for Red Hat Enterprise Linux 9.0 Extended Update Suppo...
+ Juniper Networks Publishes Dozens Of New Security Advisories— [Category: headline,flaw,juniper]
+ Ransomware Group Claims Theft Of Data From Chipmaker Nexperia— [Category: headline,hacker,malware,data loss,cryptography]
+ Palo Alto Networks Releases Fixes For Firewall Zero-Day As Attribution Attempts Emerge— [Category: headline,flaw,patch,zero day]
+ Roku Makes 2FA Mandatory For All After Nearly 600k Accounts Pwned— [Category: headline,hacker,data loss,flaw,password]
+ Delinea Secret Server Customers Should Apply Latest Patches— [Category: headline,flaw,patch]

As of 4/24/24 5:35pm. Last new 4/24/24 3:14pm. Score: 157

Next feed in category: Microsoft Support Content - Windows 10/11