- + Ubuntu Security Notice USN-6757-2—Ubuntu Security Notice 6757-2 - USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, Ubuntu 22.04 ...
- + Ubuntu Security Notice USN-6762-1—Ubuntu Security Notice 6762-1 - It was discovered that GNU C Library incorrectly handled netgroup requests. An attacker could possibly use this issue ...
- + SOPlanning 1.52.00 SQL Injection—SOPlanning version 1.52.00 suffers from a remote SQL injection vulnerability in projects.php.
- + SOPlanning 1.52.00 Cross Site Request Forgery—SOPlanning version 1.52.00 suffers from a cross site request forgery vulnerability in xajax_server.php.
- + SOPlanning 1.52.00 Cross Site Scripting—SOPlanning version 1.52.00 suffers from a cross site scripting vulnerability in groupe_save.php.
- + Red Hat Security Advisory 2024-2679-03—Red Hat Security Advisory 2024-2679-03 - An update for libxml2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-f...
- + Red Hat Security Advisory 2024-2674-03—Red Hat Security Advisory 2024-2674-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
- + Red Hat Security Advisory 2024-2071-03—Red Hat Security Advisory 2024-2071-03 - Red Hat OpenShift Container Platform release 4.15.11 is now available with updates to packages and images tha...
- + Red Hat Security Advisory 2024-2068-03—Red Hat Security Advisory 2024-2068-03 - Red Hat OpenShift Container Platform release 4.15.11 is now available with updates to packages and images tha...
- + Red Hat Security Advisory 2024-2054-03—Red Hat Security Advisory 2024-2054-03 - Red Hat OpenShift Container Platform release 4.14.23 is now available with updates to packages and images tha...
- + Red Hat Security Advisory 2024-2049-03—Red Hat Security Advisory 2024-2049-03 - Red Hat OpenShift Container Platform release 4.13.41 is now available with updates to packages and images tha...
- + Botnet Disrupted By FBI Still Used By Russian Spies, Cybercriminals— [Category: headline,government,usa,russia,cybercrime,botnet,cyberwar,spyware,fbi]
- + Lessons From LOCKED SHIELDS 2024 Cyber Exercise— [Category: headline,government,cyberwar]
- + Microsoft, Google Do A Victory Lap Around Passkeys— [Category: headline,microsoft,google,password]
- + Indonesia Sneakily Buys Spyware, Claims Amnesty International— [Category: headline,government,privacy,spyware,indonesia]
- + Europol Op Shutters 12 Scam Call Centers And Cuffs 21 Suspected Fraudsters— [Category: headline,government,phone,fraud]
- + Debian Security Advisory 5676-1—Debian Linux Security Advisory 5676-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of ...
- + Ubuntu Security Notice USN-6747-2—Ubuntu Security Notice 6747-2 - USN-6747-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the pr...
- + htmlLawed 1.2.5 Remote Command Execution—htmlLawed versions 1.2.5 and below proof of concept remote command execution exploit.
- + Red Hat Security Advisory 2024-2651-03—Red Hat Security Advisory 2024-2651-03 - An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support....
- + Red Hat Security Advisory 2024-2645-03—Red Hat Security Advisory 2024-2645-03 - An update for podman is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
- + 1,400 GitLab Servers Impacted By Exploited Vulnerability— [Category: headline,hacker,data loss,flaw]
- + Hackers Compromised Dropbox eSignature Service— [Category: headline,hacker,flaw]
- + Hacker Free-For-All Fights For Control Of Home And Office Routers Everywhere— [Category: headline,hacker,microsoft,email,spam,botnet]
- + REvil Ransomware Scum Gets 14 Years, $16 Million Fine— [Category: headline,hacker,malware,cybercrime,fraud,cryptography,ukraine]
- + Here's Your Chance To Own A Decommissioned US Government Supercomputer— [Category: headline,government,usa]
- + Packet Storm New Exploits For April, 2024—This archive contains all of the 132 exploits added to Packet Storm in April, 2024.
- + Ubuntu Security Notice USN-6760-1—Ubuntu Security Notice 6760-1 - George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did not properly initialize a data structure wh...
- + Kernel Live Patch Security Notice LSN-0103-1—Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local...
- + Microsoft PlayReady Cryptography Weakness—There is yet another attack possible against Protected Media Path process beyond the one involving two global XOR keys. The new attack may also result...
- + Online Tours And Travels Management System 1.0 SQL Injection—Online Tours and Travels Management System version 1.0 suffers from a remote SQL injection vulnerability.
- + Qantas App Glitch Sees Boarding Passes Fly To Other Accounts— [Category: headline,privacy,data loss,flaw]
- + Adobe Adds Content Credentials And Firefly To Bug Bounty Program— [Category: headline,flaw,adobe]
- + Google Boosts Bug Bounty Payouts Tenfold In Mobile App Security Push— [Category: headline,flaw,google]
- + London Drugs Pharmacy Closes All Stores To Respond To Cyber Incident— [Category: headline,hacker,privacy,britain,data loss]
- + China's Attacks On Critical Infrastructure Tip Of Iceberg— [Category: headline,government,usa,china,cyberwar,scada]
- + Red Hat Security Advisory 2024-2639-03—Red Hat Security Advisory 2024-2639-03 - The Migration Toolkit for Containers 1.7.15 is now available.
- + Red Hat Security Advisory 2024-2633-03—Red Hat Security Advisory 2024-2633-03 - Updated container image for Red Hat Ceph Storage 6.1 is now available in the Red Hat Ecosystem Catalog.
- + Red Hat Security Advisory 2024-2631-03—Red Hat Security Advisory 2024-2631-03 - An update is now available for Red Hat Ceph Storage 6.1 in the Red Hat Ecosystem Catalog.
- + Red Hat Security Advisory 2024-2628-03—Red Hat Security Advisory 2024-2628-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
- + Red Hat Security Advisory 2024-2627-03—Red Hat Security Advisory 2024-2627-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
- + Red Hat Security Advisory 2024-2625-03—Red Hat Security Advisory 2024-2625-03 - An update for rhc-worker-script is now available for Red Hat Enterprise Linux 7. Issues addressed include a d...
- + Red Hat Security Advisory 2024-2624-03—Red Hat Security Advisory 2024-2624-03 - Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP So...
- + Red Hat Security Advisory 2024-2621-03—Red Hat Security Advisory 2024-2621-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addres...
- + Red Hat Security Advisory 2024-2619-03—Red Hat Security Advisory 2024-2619-03 - An update for rh-mysql80-mysql is now available for Red Hat Software Collections.
- + Red Hat Security Advisory 2024-2616-03—Red Hat Security Advisory 2024-2616-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.
- + Red Hat Security Advisory 2024-2587-03—Red Hat Security Advisory 2024-2587-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Supp...
- + Red Hat Security Advisory 2024-2586-03—Red Hat Security Advisory 2024-2586-03 - An update for the container-tools:3.0 module is now available for Red Hat Enterprise Linux 8.4 Advanced Missi...
- + Red Hat Security Advisory 2024-2585-03—Red Hat Security Advisory 2024-2585-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Su...
- + Red Hat Security Advisory 2024-2584-03—Red Hat Security Advisory 2024-2584-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,...
- + Red Hat Security Advisory 2024-2583-03—Red Hat Security Advisory 2024-2583-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Upda...
- + Red Hat Security Advisory 2024-2582-03—Red Hat Security Advisory 2024-2582-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Suppo...
- + Red Hat Security Advisory 2024-2581-03—Red Hat Security Advisory 2024-2581-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed...
- + Red Hat Security Advisory 2024-2580-03—Red Hat Security Advisory 2024-2580-03 - An update for yajl is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addresse...
- + Red Hat Security Advisory 2024-2577-03—Red Hat Security Advisory 2024-2577-03 - An update for shadow-utils is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
- + Red Hat Security Advisory 2024-2575-03—Red Hat Security Advisory 2024-2575-03 - An update for expat is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of ser...
- + Windows PspBuildCreateProcessContext Double-Fetch / Buffer Overflow—Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in PspBuildCrea...
- + Windows NtQueryInformationThread Double-Fetch / Arbitrary Write—Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in NtQueryInfor...
- + Exploiting The NT Kernel In 24H2—This is the full Windows privilege escalation exploit produced from the blog Exploiting the NT Kernel in 24H2: New Bugs in Old Code and Side Channels ...
- + osCommerce 4 Cross Site Scripting—osCommerce version 4 suffers from a cross site scripting vulnerability. Original discovery of cross site scripting in this version is attributed to Cr...
- + Ubuntu Security Notice USN-6758-1—Ubuntu Security Notice 6758-1 - It was discovered that the JSON5 parse method incorrectly handled the parsing of keys named __proto__. An attacker cou...
- + Ubuntu Security Notice USN-6761-1—Ubuntu Security Notice 6761-1 - It was discovered that Anope did not properly process credentials for suspended accounts. An attacker could possibly u...
- + Ubuntu Security Notice USN-6759-1—Ubuntu Security Notice 6759-1 - It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting t...
- + Ubuntu Security Notice USN-6757-1—Ubuntu Security Notice 6757-1 - It was discovered that PHP incorrectly handled PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this is...
- + Red Hat Security Advisory 2024-2528-03—Red Hat Security Advisory 2024-2528-03 - An update for mingw-glib2 is now available for Red Hat Enterprise Linux 9.
- + Red Hat Security Advisory 2024-2525-03—Red Hat Security Advisory 2024-2525-03 - An update for mingw-pixman is now available for Red Hat Enterprise Linux 9. Issues addressed include integer ...
- + Red Hat Security Advisory 2024-2517-03—Red Hat Security Advisory 2024-2517-03 - An update for wpa_supplicant is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypa...
- + Red Hat Security Advisory 2024-2512-03—Red Hat Security Advisory 2024-2512-03 - An update for file is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer over-re...
- + Red Hat Security Advisory 2024-2504-03—Red Hat Security Advisory 2024-2504-03 - An update for libssh is now available for Red Hat Enterprise Linux 9.
- + Red Hat Security Advisory 2024-2483-03—Red Hat Security Advisory 2024-2483-03 - An update for traceroute is now available for Red Hat Enterprise Linux 9.
- + Red Hat Security Advisory 2024-2463-03—Red Hat Security Advisory 2024-2463-03 - An update for systemd is now available for Red Hat Enterprise Linux 9.
- + Red Hat Security Advisory 2024-2456-03—Red Hat Security Advisory 2024-2456-03 - An update for grub2 is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution,...
- + Red Hat Security Advisory 2024-2447-03—Red Hat Security Advisory 2024-2447-03 - An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9. Issues addre...
- + Red Hat Security Advisory 2024-2438-03—Red Hat Security Advisory 2024-2438-03 - An update for pam is now available for Red Hat Enterprise Linux 9.
- + Red Hat Security Advisory 2024-2437-03—Red Hat Security Advisory 2024-2437-03 - An update for exfatprogs is now available for Red Hat Enterprise Linux 9.
- + Red Hat Security Advisory 2024-2433-03—Red Hat Security Advisory 2024-2433-03 - An update for avahi is now available for Red Hat Enterprise Linux 9.
- + Red Hat Security Advisory 2024-2410-03—Red Hat Security Advisory 2024-2410-03 - An update for harfbuzz is now available for Red Hat Enterprise Linux 9.
- + Red Hat Security Advisory 2024-2396-03—Red Hat Security Advisory 2024-2396-03 - An update for squashfs-tools is now available for Red Hat Enterprise Linux 9. Issues addressed include a trav...
- + Red Hat Security Advisory 2024-2394-03—Red Hat Security Advisory 2024-2394-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution...
- + Red Hat Security Advisory 2024-2387-03—Red Hat Security Advisory 2024-2387-03 - An update for mod_jk and mod_proxy_cluster is now available for Red Hat Enterprise Linux 9. Issues addressed ...
- + Red Hat Security Advisory 2024-2377-03—Red Hat Security Advisory 2024-2377-03 - An update for zziplib is now available for Red Hat Enterprise Linux 9.
- + Defending Infrastructure, Securing Systems Key To CISA's New AI Guidelines— [Category: headline,government,usa]
- + Apple's Incredibly Private Safari Is Not So Private In Europe— [Category: headline,privacy,flaw,apple]
- + Hacker Jailed For Blackmailing Therapy Patients— [Category: headline,hacker,privacy,cybercrime,data loss,fraud,finland]
- + UK Outlaws Awful Default Passwords On Connected Devices— [Category: headline,government,britain,password]
- + Vulnerability In R Programming Language Could Fuel Supply Chain Attacks— [Category: headline,flaw]
- + FCC Fines Wireless Carriers For Sharing User Locations Without Consent— [Category: headline,government,privacy,usa,phone]
- + Kemp LoadMaster Unauthenticated Command Injection—This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Kemp LoadMaster in the authorization header after versi...
- + Debian Security Advisory 5675-1—Debian Linux Security Advisory 5675-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of ...
- + Doctor Appointment Management System 1.0 Cross Site Scripting—Doctor Appointment Management System version 1.0 suffers from a cross site scripting vulnerability.
- + Ubuntu Security Notice USN-6744-3—Ubuntu Security Notice 6744-3 - USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Ubuntu 24.04 LTS. Hugo ...
- + Ubuntu Security Notice USN-6734-2—Ubuntu Security Notice 6734-2 - USN-6734-1 fixed vulnerabilities in libvirt. This update provides the corresponding updates for Ubuntu 24.04 LTS. Alex...
- + Ubuntu Security Notice USN-6733-2—Ubuntu Security Notice 6733-2 - USN-6733-1 fixed vulnerabilities in GnuTLS. This update provides the corresponding updates for Ubuntu 24.04 LTS. It wa...
- + Ubuntu Security Notice USN-6718-3—Ubuntu Security Notice 6718-3 - USN-6718-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 24.04 LTS. Dan Fan...
- + Ubuntu Security Notice USN-6729-3—Ubuntu Security Notice 6729-3 - USN-6729-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 24.0...
- + Ubuntu Security Notice USN-6737-2—Ubuntu Security Notice 6737-2 - USN-6737-1 fixed a vulnerability in the GNU C Library. This update provides the corresponding update for Ubuntu 24.04 ...
- + Ubuntu Security Notice USN-6756-1—Ubuntu Security Notice 6756-1 - It was discovered that less mishandled newline characters in file names. If a user or automated system were tricked in...
- + Ubuntu Security Notice USN-6755-1—Ubuntu Security Notice 6755-1 - Ingo Brückl discovered that cpio contained a path traversal vulnerability. If a user or automated system were tricked ...
- + ESET NOD32 Antivirus 17.1.11.0 Unquoted Service Path—ESET NOD32 Antivirus version 17.1.11.0 suffers from an unquoted service path vulnerability.
- + Red Hat Security Advisory 2024-2098-03—Red Hat Security Advisory 2024-2098-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.
- + Red Hat Security Advisory 2024-2097-03—Red Hat Security Advisory 2024-2097-03 - An update for the container-tools:4.0 module is now available for Red Hat Enterprise Linux 8.6 Extended Updat...
- + Red Hat Security Advisory 2024-2088-03—Red Hat Security Advisory 2024-2088-03 - An update is now available for the Red Hat build of Cryostat 2 on RHEL 8. Issues addressed include denial of ...
- + Red Hat Security Advisory 2024-2086-03—Red Hat Security Advisory 2024-2086-03 - An update for shim is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addresse...
- + Red Hat Security Advisory 2024-2079-03—Red Hat Security Advisory 2024-2079-03 - An update for git-lfs is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of s...
- + Red Hat Security Advisory 2024-2077-03—Red Hat Security Advisory 2024-2077-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Extended Upd...
- + Red Hat Security Advisory 2024-1897-03—Red Hat Security Advisory 2024-1897-03 - Red Hat OpenShift Container Platform release 4.14.22 is now available with updates to packages and images tha...
- + Red Hat Security Advisory 2024-1891-03—Red Hat Security Advisory 2024-1891-03 - Red Hat OpenShift Container Platform release 4.14.22 is now available with updates to packages and images tha...
- + OpenAI's ChatGPT Targeted In Austrian Privacy Complaint— [Category: headline,government,privacy]
- + Okta Warns Of Credential Stuffing Attacks Using Tor, Residential Proxies— [Category: headline,hacker,password,identity theft,phish]
- + Watchdog Reveals Google Privacy Sandbox Worries— [Category: headline,privacy,flaw,google]
- + Meta To Face EU Probe For Not Doing Enough To Stop Russian Disinformation— [Category: headline,government,russia,fraud,facebook,social]
- + Ten Years Of Heartbleed: Lessons Learned— [Category: headline,hacker,privacy,data loss,flaw,backdoor]
- + Kaiser Permanente Notifies 13.4M Patients Of Data Exposure— [Category: headline,hacker,privacy,data loss]
- + The Not-So-Silent Type—Whitepaper called The not-so-silent type - Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers.
- + Ubuntu Security Notice USN-6754-1—Ubuntu Security Notice 6754-1 - It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use thi...
- + Ubuntu Security Notice USN-6753-1—Ubuntu Security Notice 6753-1 - Thomas Neil James Shadwell discovered that CryptoJS was using an insecure cryptographic default configuration. A remot...
- + Debian Security Advisory 5674-1—Debian Linux Security Advisory 5674-1 - It was discovered that PDNS Recursor, a resolving name server, was susceptible to denial of service if recursi...
- + Ubuntu Security Notice USN-6751-1—Ubuntu Security Notice 6751-1 - It was discovered that Zabbix incorrectly handled input data in the discovery and graphs pages. A remote authenticated...
- + Ubuntu Security Notice USN-6752-1—Ubuntu Security Notice 6752-1 - It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting t...
- + Red Hat Security Advisory 2024-2066-03—Red Hat Security Advisory 2024-2066-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
- + Red Hat Security Advisory 2024-2064-03—Red Hat Security Advisory 2024-2064-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
- + Red Hat Security Advisory 2024-2063-03—Red Hat Security Advisory 2024-2063-03 - An update for yajl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addresse...
- + Red Hat Security Advisory 2024-2062-03—Red Hat Security Advisory 2024-2062-03 - An update is now available for Service Telemetry Framework 1.5.4 for RHEL 9. Issues addressed include a denia...
- + Red Hat Security Advisory 2024-1899-03—Red Hat Security Advisory 2024-1899-03 - Red Hat OpenShift Container Platform release 4.12.56 is now available with updates to packages and images tha...
- + Red Hat Security Advisory 2024-1896-03—Red Hat Security Advisory 2024-1896-03 - Red Hat OpenShift Container Platform release 4.12.56 is now available with updates to packages and images tha...
- + Red Hat Security Advisory 2024-1892-03—Red Hat Security Advisory 2024-1892-03 - Red Hat OpenShift Container Platform release 4.15.10 is now available with updates to packages and images tha...
- + Red Hat Security Advisory 2024-1887-03—Red Hat Security Advisory 2024-1887-03 - Red Hat OpenShift Container Platform release 4.15.10 is now available with updates to packages and images tha...
- + Powerful Brokewell Android Trojan Allows Device Takeover— [Category: headline,privacy,malware,phone,trojan,data loss,flaw,google,backdoor]
- + Over 1,400 CrushFTP Instances Vulnerable To Exploited 0-Day— [Category: headline,hacker,data loss,flaw]
- + Millions Of IPs Remain Infected By USB Worm Years After Its Creators Left It For Dead— [Category: headline,malware,backdoor]
- + 750 Million Vulnerable To Snooping From Chinese Keyboard Apps— [Category: headline,privacy,china,data loss,flaw]
- + Ubuntu Security Notice USN-6750-1—Ubuntu Security Notice 6750-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted websi...
- + Ubuntu Security Notice USN-6743-3—Ubuntu Security Notice 6743-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sy...
- + Ubuntu Security Notice USN-6657-2—Ubuntu Security Notice 6657-2 - USN-6657-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 16.04 LT...
- + Ubuntu Security Notice USN-6749-1—Ubuntu Security Notice 6749-1 - It was discovered that FreeRDP incorrectly handled certain context resets. If a user were tricked into connecting to a...
- + Red Hat Security Advisory 2024-2060-03—Red Hat Security Advisory 2024-2060-03 - Red Hat OpenShift Virtualization release 4.14.5 is now available with updates to packages and images that fix...
- + Red Hat Security Advisory 2024-2055-03—Red Hat Security Advisory 2024-2055-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.
- + Red Hat Security Advisory 2024-2045-03—Red Hat Security Advisory 2024-2045-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
- + Red Hat Security Advisory 2024-2044-03—Red Hat Security Advisory 2024-2044-03 - An update for gnutls is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addres...
- + Red Hat Security Advisory 2024-2042-03—Red Hat Security Advisory 2024-2042-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Sup...
- + Red Hat Security Advisory 2024-2041-03—Red Hat Security Advisory 2024-2041-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Ent...
- + Red Hat Security Advisory 2024-2040-03—Red Hat Security Advisory 2024-2040-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
- + Red Hat Security Advisory 2024-2039-03—Red Hat Security Advisory 2024-2039-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
- + Red Hat Security Advisory 2024-2038-03—Red Hat Security Advisory 2024-2038-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
- + Red Hat Security Advisory 2024-2037-03—Red Hat Security Advisory 2024-2037-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.
- + Red Hat Security Advisory 2024-2036-03—Red Hat Security Advisory 2024-2036-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
- + PowerVR PMRMMapPMR() Writability Check—PowerVR has a security issue where a writability check in PMRMMapPMR() does not clear VM_MAYWRITE.
- + Nation-State Hackers Exploit Cisco Firewall Zero Days To Backdoor Government Networks— [Category: headline,hacker,government,cyberwar,cisco,backdoor]
- + FTC Sending $5.6 Million To Ring Customers Over Security Failures— [Category: headline,government,privacy,usa,amazon,flaw]
- + Palo Alto Networks Shares Remediation Advice— [Category: headline,flaw]
- + Russia, Iran Pose Most Aggressive Threat To 2024 Election— [Category: headline,government,usa,russia,fraud,cyberwar,iran]
- + Apache Solr Backup/Restore API Remote Code Execution—Apache Solr versions 6.0.0 through 8.11.2 and versions 9.0.0 up to 9.4.1 are affected by an unrestricted file upload vulnerability which can result in...
- + Ubuntu Security Notice USN-6748-1—Ubuntu Security Notice 6748-1 - It was discovered that Sanitize incorrectly handled noscript elements under certain circumstances. An attacker could p...
- + Ubuntu Security Notice USN-6747-1—Ubuntu Security Notice 6747-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, ...
- + Ubuntu Security Notice USN-6742-2—Ubuntu Security Notice 6742-2 - Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol c...
- + Relate Learning And Teaching System SSTI / Remote Code Execution—Relate Learning and Teaching System versions prior to 2024.1 suffer from a server-side template injection vulnerability that leads to remote code exe...
- + Nginx 1.25.5 Host Header Validation—Nginx versions 1.25.5 and below appear to have a host header filtering validation bug that could possibly be used for malice.
- + Red Hat Security Advisory 2024-2033-03—Red Hat Security Advisory 2024-2033-03 - An update for libreswan is now available for Red Hat Enterprise Linux 9.
- + Red Hat Security Advisory 2024-2011-03—Red Hat Security Advisory 2024-2011-03 - Updated Satellite Client packages that fix Important security bugs and regular bugs are now available for R...
- + Red Hat Security Advisory 2024-2010-03—Red Hat Security Advisory 2024-2010-03 - An update is now available for Red Hat Satellite 6.15. The release contains a new version of Satellite and im...
- + Red Hat Security Advisory 2024-2008-03—Red Hat Security Advisory 2024-2008-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat En...
- + Red Hat Security Advisory 2024-2007-03—Red Hat Security Advisory 2024-2007-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterpri...
- + Red Hat Security Advisory 2024-2006-03—Red Hat Security Advisory 2024-2006-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enter...
- + Red Hat Security Advisory 2024-2005-03—Red Hat Security Advisory 2024-2005-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red H...
- + Red Hat Security Advisory 2024-2004-03—Red Hat Security Advisory 2024-2004-03 - An update for kernel is now available for Red Hat Enterprise Linux 7. Issues addressed include null pointer a...
- + Red Hat Security Advisory 2024-2003-03—Red Hat Security Advisory 2024-2003-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Issues addressed include null pointe...
- + Red Hat Security Advisory 2024-2002-03—Red Hat Security Advisory 2024-2002-03 - An update for grub2 is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow...
- + Red Hat Security Advisory 2024-1999-03—Red Hat Security Advisory 2024-1999-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
- + Red Hat Security Advisory 2024-1998-03—Red Hat Security Advisory 2024-1998-03 - An update for libreswan is available for Red Hat Enterprise Linux 8.
- + Red Hat Security Advisory 2024-1997-03—Red Hat Security Advisory 2024-1997-03 - An update for gnutls is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addres...
- + Red Hat Security Advisory 2024-1994-03—Red Hat Security Advisory 2024-1994-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Extended Upd...
- + Red Hat Security Advisory 2024-1992-03—Red Hat Security Advisory 2024-1992-03 - An update for opencryptoki is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
- + Red Hat Security Advisory 2024-1989-03—Red Hat Security Advisory 2024-1989-03 - An update for less is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
- + Red Hat Security Advisory 2024-1982-03—Red Hat Security Advisory 2024-1982-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission critical Update ...
- + Google Patches Critical Chrome Vulnerability— [Category: headline,flaw,google,patch,chrome]
- + Hackers Are Using Developing Countries For Ransomware Practice— [Category: headline,hacker,malware,cybercrime,fraud,cryptography]
- + North Korean Hackers Hijack Antivirus Updates For Malware Delivery— [Category: headline,hacker,government,malware,flaw,cyberwar,military,north korea]
- + CISA Warns Of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation— [Category: headline,government,microsoft,usa,russia,flaw,cyberwar]
- + US Charges Iranians With Cyber Snooping On Government, Companies— [Category: headline,hacker,government,privacy,usa,cyberwar,spyware,iran]
- + TensorFlow AI Models At Risk Due To Keras API Flaw— [Category: headline,flaw]
- + Nmap Port Scanner 7.95—Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealt...
- + Debian Security Advisory 5673-1—Debian Linux Security Advisory 5673-1 - Charles Fol discovered that the iconv() function in the GNU C library is prone to a buffer overflow vulnerabil...
- + Ubuntu Security Notice USN-6746-1—Ubuntu Security Notice 6746-1 - It was discovered that Google Guest Agent and Google OS Config Agent incorrectly handled certain JSON files. An attack...
- + FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution—A remote SQL injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server) versions 7.2.0 through 7.2.2 and 7.0.1 through 7....
- + Suricata IDPE 7.0.5—Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The ...
- + Debian Security Advisory 5672-1—Debian Linux Security Advisory 5672-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of servic...
- + GitLens Git Local Configuration Execution—GitKraken GitLens versions prior to 14.0.0 allow an untrusted workspace to execute git commands. A repo may include its own .git folder including a ma...
- + Ubuntu Security Notice USN-6728-3—Ubuntu Security Notice 6728-3 - USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on ...
- + Ubuntu Security Notice USN-6743-2—Ubuntu Security Notice 6743-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sy...
- + Visual Studio Code Execution—This Metasploit module creates a vsix file which can be installed in Visual Studio Code as an extension. At activation/install, the extension will exe...
- + Debian Security Advisory 5671-1—Debian Linux Security Advisory 5671-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of servic...
- + Gambio Online Webshop 4.9.2.0 Remote Code Execution—A remote code execution vulnerability in Gambio online webshop versions 4.9.2.0 and below allows remote attackers to run arbitrary commands via an una...
- + Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution—This Metasploit module exploits two vulnerabilities in Palo Alto Networks PAN-OS that allow an unauthenticated attacker to create arbitrarily named fi...
- + Debian Security Advisory 5670-1—Debian Linux Security Advisory 5670-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execut...
- + Ubuntu Security Notice USN-6744-2—Ubuntu Security Notice 6744-2 - USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Pillow in Ubuntu 20.04 ...
- + Palo Alto PAN-OS Command Execution / Arbitrary File Creation—Palo Alto PAN-OS versions prior to 11.1.2-h3 command injection and arbitrary file creation exploit.
- + Ubuntu Security Notice USN-6744-1—Ubuntu Security Notice 6744-1 - Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which ...
- + Ubuntu Security Notice USN-6745-1—Ubuntu Security Notice 6745-1 - It was discovered that in Percona XtraBackup, a local crafted filename could trigger arbitrary code execution.
- + Ubuntu Security Notice USN-6738-1—Ubuntu Security Notice 6738-1 - Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that LXD incorrectly handled the handshake phase and the...
- + Red Hat Security Advisory 2024-1963-03—Red Hat Security Advisory 2024-1963-03 - An update for golang is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of se...
- + Red Hat Security Advisory 2024-1962-03—Red Hat Security Advisory 2024-1962-03 - An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed i...
- + Red Hat Security Advisory 2024-1961-03—Red Hat Security Advisory 2024-1961-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solution...
- + Red Hat Security Advisory 2024-1960-03—Red Hat Security Advisory 2024-1960-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-af...
- + Red Hat Security Advisory 2024-1959-03—Red Hat Security Advisory 2024-1959-03 - An update for shim is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow,...
- + Red Hat Security Advisory 2024-1948-03—Red Hat Security Advisory 2024-1948-03 - An update for Red Hat Build of Apache Camel 3.18 for Quarkus 2.13 is now available. The purpose of this text-...
- + Authorities Investigate LabHost Users After Phishing Service Shutdown— [Category: headline,cybercrime,fraud,phish]
- + Windows Vulnerability Reported By The NSA Exploited To Install Russian Malware— [Category: headline,government,microsoft,usa,russia,flaw,cyberwar,spyware,nsa]
- + UnitedHealth Admits Breach Could Cover Substantial Proportion Of People In America— [Category: headline,hacker,privacy,data loss]
- + Microsoft DRM Hack Could Allow Movie Downloads From Streaming— [Category: headline,microsoft,flaw,pirate]
- + Over A Million Neighbourhood Watch Members Exposed— [Category: headline,privacy,britain,data loss]
- + MITRE Hacked By State Sponsored Group Via Ivanti Zero Days— [Category: headline,hacker,government]
- + Debian Security Advisory 5665-1—Debian Linux Security Advisory 5665-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
- + Debian Security Advisory 5664-1—Debian Linux Security Advisory 5664-1 - Jetty 9 is a Java based web server and servlet engine. It was discovered that remote attackers may leave many ...
- + Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference—Elber Wayber Analog/Digital Audio STL version 4.00 suffers from an unauthenticated device configuration and client-side hidden functionality disclosur...
- + Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass—Elber Wayber Analog/Digital Audio STL version 4.00 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the...
- + Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference—Elber ESE DVB-S/S2 Satellite Receiver version 1.5.x suffers from an unauthenticated device configuration and client-side hidden functionality disclosu...
- + Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass—Elber ESE DVB-S/S2 Satellite Receiver version 1.5.x suffers from an authentication bypass vulnerability through a direct and unauthorized access to th...
- + Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Insecure Direct Object Reference—Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link suffers from an unauthenticated device configuration and client-side hidden functionality disclosu...
- + Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass—Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link suffers from an authentication bypass vulnerability through a direct and unauthorized access to th...
- + Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference—Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an unauthenticated device configuration and client-side hidden functionalit...
- + Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass—Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an authentication bypass vulnerability through a direct and unauthorized ac...
- + Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Insecure Direct Object Reference—Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an unauthenticated device configuration and client-side hidden functionality d...
- + Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass—Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an authentication bypass vulnerability through a direct and unauthorized acces...
- + Ubuntu Security Notice USN-6737-1—Ubuntu Security Notice 6737-1 - Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker c...
- + Clam AntiVirus Toolkit 1.3.1—Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The pa...
- + Ubuntu Security Notice USN-6729-2—Ubuntu Security Notice 6729-2 - USN-6729-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS...
- + Red Hat Security Advisory 2024-1904-03—Red Hat Security Advisory 2024-1904-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Ente...
- + Red Hat Security Advisory 2024-1901-03—Red Hat Security Advisory 2024-1901-03 - OpenShift container images for the Red Hat Service Interconnect 1.5 release.
- + Red Hat Security Advisory 2024-1883-03—Red Hat Security Advisory 2024-1883-03 - An update for shim is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addresse...
- + Red Hat Security Advisory 2024-1882-03—Red Hat Security Advisory 2024-1882-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues add...
- + Red Hat Security Advisory 2024-1881-03—Red Hat Security Advisory 2024-1881-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addres...
- + Red Hat Security Advisory 2024-1880-03—Red Hat Security Advisory 2024-1880-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support....
- + Red Hat Security Advisory 2024-1879-03—Red Hat Security Advisory 2024-1879-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9. Issues addressed include an information...
- + Red Hat Security Advisory 2024-1878-03—Red Hat Security Advisory 2024-1878-03 - An updated version of Red Hat Update Infrastructure is now available. RHUI 4.8 fixes several security and oper...
- + Red Hat Security Advisory 2024-1877-03—Red Hat Security Advisory 2024-1877-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addres...
- + Red Hat Security Advisory 2024-1876-03—Red Hat Security Advisory 2024-1876-03 - An update for shim is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addresse...
- + Russia's Sandworm APT Linked To Attack On Texas Water Plant— [Category: headline,malware,usa,russia,cyberwar,scada]
- + EU Tells Meta It Can't Paywall Privacy— [Category: headline,government,privacy,facebook,social]
- + Kremlin-Backed Actors Spread Disinformation Ahead Of US Elections— [Category: headline,government,usa,russia,fraud,cyberwar]
- + Lawmakers Are Kicking Warrantless Wiretapping Into Overdrive— [Category: headline,government,privacy,usa,phone,spyware]
- + Five Eyes Agencies Release New AI Security Guidance— [Category: headline,government]
- + Phishing Platform LabHost Shut Down By Law Enforcement— [Category: headline,government,fraud,phish]
- + Palo Alto OS Command Injection—Palo Alto OS was recently hit by a command injection zero day attack. These are exploitation details related to the zero day.
- + Palo Alto OS Command Injection Proof Of Concept—This is a scanning script to validate vulnerable Palo Alto OS systems for the recent zero day command injection vulnerability.
- + pgAdmin 8.3 Remote Code Execution—pgAdmin versions 8.3 and below have a path traversal vulnerability within their session management logic that can allow a pickled file to be loaded fr...
- + Debian Security Advisory 5655-2—Debian Linux Security Advisory 5655-2 - The update of cockpit released in DSA 5655-1 did not correctly build binary packages due to unit test failures...
- + Debian Security Advisory 5662-1—Debian Linux Security Advisory 5662-1 - Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response spl...
- + Ubuntu Security Notice USN-6726-3—Ubuntu Security Notice 6726-3 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero...
- + Ubuntu Security Notice USN-6726-2—Ubuntu Security Notice 6726-2 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero...
- + Ubuntu Security Notice USN-6725-2—Ubuntu Security Notice 6725-2 - Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data str...
- + Ubuntu Security Notice USN-6724-2—Ubuntu Security Notice 6724-2 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero...
- + Red Hat Security Advisory 2024-1868-03—Red Hat Security Advisory 2024-1868-03 - An update is now available for Red Hat build of Keycloak. Issues addressed include bypass, cross site scripti...
- + Red Hat Security Advisory 2024-1865-03—Red Hat Security Advisory 2024-1865-03 - Red Hat Single Sign-On 7.6.8 Operator enhancement and security update.
- + Red Hat Security Advisory 2024-1859-03—Red Hat Security Advisory 2024-1859-03 - OpenShift API for Data Protection 1.3.1 is now available. Issues addressed include a denial of service vulner...
- + Red Hat Security Advisory 2024-1856-03—Red Hat Security Advisory 2024-1856-03 - An update for opencryptoki is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
- + Red Hat Security Advisory 2024-1846-03—Red Hat Security Advisory 2024-1846-03 - An update for pcs is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed...
- + Red Hat Security Advisory 2024-1841-03—Red Hat Security Advisory 2024-1841-03 - An update for pcs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed...
- + Red Hat Security Advisory 2024-1840-03—Red Hat Security Advisory 2024-1840-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
- + Red Hat Security Advisory 2024-1836-03—Red Hat Security Advisory 2024-1836-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
- + Red Hat Security Advisory 2024-1835-03—Red Hat Security Advisory 2024-1835-03 - An update for shim is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addresse...
- + Red Hat Security Advisory 2024-1834-03—Red Hat Security Advisory 2024-1834-03 - An update for shim is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterpr...
- + Red Hat Security Advisory 2024-1833-03—Red Hat Security Advisory 2024-1833-03 - An update for squid is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues address...
- + Red Hat Security Advisory 2024-1832-03—Red Hat Security Advisory 2024-1832-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical ...
- + Red Hat Security Advisory 2024-1770-03—Red Hat Security Advisory 2024-1770-03 - Red Hat OpenShift Container Platform release 4.15.9 is now available with updates to packages and images that...
- + Scammers Offer Cash To Phone Carrier Staff To Swap SIM Cards— [Category: headline,phone,cybercrime,fraud,password]
- + Ivanti Patches 27 Vulns In Avalanche MDM Product— [Category: headline,flaw,patch]
- + Attackers Are Pummeling Networks Around The World With Millions Of Login Attempts— [Category: headline,hacker,password]
- + Recent OT And Espionage Attacks Linked To Russia's Sandworm, Now Named APT44— [Category: headline,hacker,government,malware,cyberwar,spyware]
- + OpenAI's ChatGPT Can Exploit Real Vulnerabilities By Reading Advisories— [Category: headline,flaw,science]
- + Debian Security Advisory 5661-1—Debian Linux Security Advisory 5661-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which...
- + Debian Security Advisory 5660-1—Debian Linux Security Advisory 5660-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which...
- + Centreon 23.10-1.el8 SQL Injection—Centreon version 23.10-1.el8 suffers from a remote authenticated SQL injection vulnerability.
- + Backdoor.Win32.Dumador.c MVID-2024-0679 Buffer Overflow—Backdoor.Win32.Dumador.c malware suffers from a buffer overflow vulnerability.
- + Ubuntu Security Notice USN-6736-1—Ubuntu Security Notice 6736-1 - It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. An attacker could use this iss...
- + Ubuntu Security Notice USN-6735-1—Ubuntu Security Notice 6735-1 - It was discovered that Node.js incorrectly handled the use of invalid public keys while creating an x509 certificate. ...
- + Ubuntu Security Notice USN-6734-1—Ubuntu Security Notice 6734-1 - Alexander Kuznetsov discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this...
- + Ubuntu Security Notice USN-6733-1—Ubuntu Security Notice 6733-1 - It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker co...
- + Ubuntu Security Notice USN-6732-1—Ubuntu Security Notice 6732-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewi...
- + Red Hat Security Advisory 2024-1831-03—Red Hat Security Advisory 2024-1831-03 - An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Issues addre...
- + Google Location Tracking Deal Could Be Derailed By Politics— [Category: headline,government,privacy,google,spyware]
- + Cryptojacker Arrested For Defrauding Cloud Providers Of $3.5 Million— [Category: headline,hacker,cybercrime,fraud,cryptography]
- + Delinea Scrambles To Patch Critical Flaw After Ignoring Researcher— [Category: headline,hacker,flaw,patch]
- + AI Watchdog Defends Against New LLM Jailbreak Method— [Category: headline,hacker,microsoft,flaw]
- + Amazon AWS Glue Database Password Disclosure—The password of database connections in AWS Glue is loaded into the website when a connection's edit page is requested. Principals with appropriate pe...
- + CrushFTP Remote Code Execution—This Metasploit exploit module leverages an improperly controlled modification of dynamically-determined object attributes vulnerability (CVE-2023-431...
- + American Fuzzy Lop plus plus 4.20c—Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ ...
- + Debian Security Advisory 5659-1—Debian Linux Security Advisory 5659-1 - Bartek Nowotarski discovered that Apache Traffic Server, a reverse and forward proxy server, was susceptible t...
- + OpenSSH 8 Password Backdoor—This is a backdoored version of openssh-8.0p1 where the ssh client will log the ssh username and ssh password into /opt/.../log.txt.
- + Ubuntu Security Notice USN-6731-1—Ubuntu Security Notice 6731-1 - It was discovered that YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows att...
- + GLPI 10.x.x Remote Command Execution—GLPI versions 10.x.x suffer from a remote command execution vulnerability via the shell commands plugin.
- + WordPress WP Video Playlist 1.1.1 Cross Site Scripting—WordPress WP Video Playlist plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
- + Debian Security Advisory 5658-1—Debian Linux Security Advisory 5658-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, deni...
- + BMC Compuware iStrobe Web 20.13 Shell Upload—BMC Compuware iStrobe Web version 20.13 suffers from a remote shell upload vulnerability.
- + Kruxton 1.0 SQL Injection—Kruxton version 1.0 suffers from a remote SQL injection vulnerability.
- + Kruxton 1.0 Shell Upload—Kruxton version 1.0 suffers from a remote shell upload vulnerability.
- + WBCE 1.6.0 SQL Injection—WBCE version 1.6.0 suffers from a remote SQL injection vulnerability.
- + AMPLE BILLS 0.1 SQL Injection—AMPLE BILLS version 0.1 suffers from a remote SQL injection vulnerability.
- + Debian Security Advisory 5657-1—Debian Linux Security Advisory 5657-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the ...
- + PrusaSlicer 2.6.1 Arbitrary Code Execution—PrusaSlicer versions 2.6.1 and below suffer from an arbitrary code execution vulnerability.
- + Red Hat Security Advisory 2024-1812-03—Red Hat Security Advisory 2024-1812-03 - Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates. Issues addressed include...
- + Moodle 3.10.1 SQL Injection—Moodle version 3.10.1 suffers from a remote time-based SQL injection vulnerability.
- + Django REST Framework SimpleJWT 5.3.1 Information Disclosure—Django REST Framework SimpleJWT versions 5.3.1 and below suffer from an information disclosure vulnerability.
- + Red Hat Security Advisory 2024-1804-03—Red Hat Security Advisory 2024-1804-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
- + Red Hat Security Advisory 2024-1803-03—Red Hat Security Advisory 2024-1803-03 - Updates for bind and bind-dyndb-ldap are now available for Red Hat Enterprise Linux 9.2 Extended Update Suppo...
- + Jenkins 2.441 Local File Inclusion—Jenkins version 2.441 suffers from a local file inclusion vulnerability.
- + Red Hat Security Advisory 2024-1802-03—Red Hat Security Advisory 2024-1802-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
- + Red Hat Security Advisory 2024-1801-03—Red Hat Security Advisory 2024-1801-03 - An update for unbound is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
- + Red Hat Security Advisory 2024-1800-03—Red Hat Security Advisory 2024-1800-03 - Updates for bind and bind-dyndb-ldap are now available for Red Hat Enterprise Linux 9.0 Extended Update Suppo...
- + Juniper Networks Publishes Dozens Of New Security Advisories— [Category: headline,flaw,juniper]
- + Ransomware Group Claims Theft Of Data From Chipmaker Nexperia— [Category: headline,hacker,malware,data loss,cryptography]
- + Palo Alto Networks Releases Fixes For Firewall Zero-Day As Attribution Attempts Emerge— [Category: headline,flaw,patch,zero day]
- + Roku Makes 2FA Mandatory For All After Nearly 600k Accounts Pwned— [Category: headline,hacker,data loss,flaw,password]
- + Delinea Secret Server Customers Should Apply Latest Patches— [Category: headline,flaw,patch]
As of 5/4/24 9:23am. Last new 5/3/24 11:09am. Score: 178