- + Corrupted Microsoft Office Documents Used In Phishing Campaign— [Category: headline,microsoft,cybercrime,password,phish]
- + Meta Says It Has Taken Down 20 Covert Influence Ops In 2024— [Category: headline,russia,fraud,cyberwar,facebook]
- + Russia Gives Life Sentence To Hydra Dark Web Kingpin After Seizing A Ton Of Drugs— [Category: headline,russia,cybercrime]
- + Apple Illegally Surveilled and Censored Workers, Employee Lawsuit Says— [Category: headline,privacy,phone,data loss,fraud,spyware,apple]
- + Severity Of Risk Facing The UK Is Widely Underestimated— [Category: headline,government,britain,cybercrime,cyberwar]
- + Hackers Stole $1.49 Billion In Cryptocurrency To Date In 2024— [Category: headline,hacker,cybercrime,data loss,cryptography]
- + 760k Employee Records From Major Firms Leaked Online— [Category: headline,privacy,data loss]
- + Acronis Cyber Protect/Backup Remote Code Execution—The Acronis Cyber Protect appliance, in its default configuration, allows the anonymous registration of new protect/backup agents on new endpoints. Th...
- + Fortinet FortiManager Unauthenticated Remote Code Execution—This Metasploit module exploits a missing authentication vulnerability affecting FortiManager and FortiManager Cloud devices to achieve unauthenticate...
- + Asterisk AMI Originate Authenticated Remote Code Execution—On Asterisk, prior to versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with write=originat...
- + Debian Security Advisory 5823-1—Debian Linux Security Advisory 5823-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Clement Lecigne and Benoit Sev...
- + Debian Security Advisory 5815-2—Debian Linux Security Advisory 5815-2 - The update for needrestart announced as DSA 5815-1 introduced a regression reporting false positives for proce...
- + Paxton Net2 Information Disclosure / Incorrect Access Control—Paxton Net2 suffers from an insecure backend database issue that can lead to leaking sensitive information.
- + Microsoft Warbird and PMP Security Research—This paper provides an in-depth technical explanation, illustration, and verification of discovered attacks affecting PlayReady on Windows 10 / 11 x64...
- + Ubuntu Security Notice USN-7135-1—Ubuntu Security Notice 7135-1 - Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy inco...
- + Ubuntu Security Notice USN-7134-1—Ubuntu Security Notice 7134-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, ...
- + Ubuntu Security Notice USN-7133-1—Ubuntu Security Notice 7133-1 - Yuki Mogi discovered that HAProxy incorrectly handled the interpretation of certain HTTP requests. A remote attacker c...
- + Red Hat Security Advisory 2024-10750-03—Red Hat Security Advisory 2024-10750-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Sup...
- + Red Hat Security Advisory 2024-10748-03—Red Hat Security Advisory 2024-10748-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues ...
- + Red Hat Security Advisory 2024-10745-03—Red Hat Security Advisory 2024-10745-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addr...
- + Red Hat Security Advisory 2024-10743-03—Red Hat Security Advisory 2024-10743-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. I...
- + Red Hat Security Advisory 2024-10742-03—Red Hat Security Advisory 2024-10742-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addr...
- + Red Hat Security Advisory 2024-10739-03—Red Hat Security Advisory 2024-10739-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Sup...
- + Red Hat Security Advisory 2024-10736-03—Red Hat Security Advisory 2024-10736-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.4 Extended Update Sup...
- + Red Hat Security Advisory 2024-10734-03—Red Hat Security Advisory 2024-10734-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update...
- + Red Hat Security Advisory 2024-10733-03—Red Hat Security Advisory 2024-10733-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update...
- + Red Hat Security Advisory 2024-10710-03—Red Hat Security Advisory 2024-10710-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues ...
- + Red Hat Security Advisory 2024-10705-03—Red Hat Security Advisory 2024-10705-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Cr...
- + Red Hat Security Advisory 2024-10703-03—Red Hat Security Advisory 2024-10703-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solution...
- + Red Hat Security Advisory 2024-10700-03—Red Hat Security Advisory 2024-10700-03 - Red Hat build of Apache Camel 4.8 for Spring Boot release and security update is now available. Issues addre...
- + Red Hat Security Advisory 2024-10696-03—Red Hat Security Advisory 2024-10696-03 - An update for python-werkzeug is now available for Red Hat OpenStack Platform 16.2. Issues addressed include...
- + Red Hat Security Advisory 2024-10517-03—Red Hat Security Advisory 2024-10517-03 - Red Hat OpenShift Container Platform release 4.17.7 is now available with updates to packages and images tha...
- + Omada Identity Cross Site Scripting—Omada Identity versions prior to 15U1 and 14.14 hotfix #309 suffer from a persistent cross site scripting vulnerability.
- + Siemens Unlocked JTAG Interface / Buffer Overflow—Various Siemens products suffer from vulnerabilities. There is an unlocked JTAG Interface for Zynq-7000 on SM-2558 and a buffer overflow on the webser...
- + ABB Cylon Aspect 3.08.00 fileSystemUpdate.php File Upload / Denial Of Service—ABB Cylon Aspect version 3.08.00 suffers from a vulnerability in the fileSystemUpdate.php endpoint of the ABB BEMS controller due to improper handling...
- + ABB Cylon Aspect 3.08.01 mstpstatus.php Information Disclosure—ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated information disclosure vulnerability. An unauthorized attacker can reference the affe...
- + ABB Cylon Aspect 3.08.01 diagLateThread.php Information Disclosure—ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated information disclosure vulnerability. An unauthorized attacker can reference the affe...
- + AppleAVD AV1_Syntax::Parse_Header Out-Of-Bounds Reads—AppleAVD has an issue where a large OBU size in AV1_Syntax::Parse_Header reading can lead to out-of-bounds reads.
- + AppleAVD AV1_Syntax::f Out-Of-Bounds Reads—AppleAVD has an issue in AV1_Syntax::f leading to out-of-bounds reads.
- + AppleAVD AV1_Syntax::Parse_Header Integer Underflow / Out-Of-Bounds Reads—AppleAVD has an integer underflow in AV1_Syntax::Parse_Header that can lead to out-of-bounds reads.
- + Debian Security Advisory 5822-1—Debian Linux Security Advisory 5822-1 - It was discovered that SimpleSAMLphp, an implementation of the SAML 2.0 protocol, is prone to an XXE vulnera...
- + Debian Security Advisory 5821-1—Debian Linux Security Advisory 5821-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execut...
- + Debian Security Advisory 5820-1—Debian Linux Security Advisory 5820-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in...
- + Simple Chat System 1.0 Cross Site Scripting—Simple Chat System version 1.0 suffers from a cross site scripting vulnerability.
- + Ubuntu Security Notice USN-7132-1—Ubuntu Security Notice 7132-1 - It was discovered that PostgreSQL incorrectly tracked tables with row security. A remote attacker could possibly use t...
- + Ubuntu Security Notice USN-6846-2—Ubuntu Security Notice 6846-2 - USN-6846-1 fixed vulnerabilities in ansible. The update introduced a regression in ansible. This update fixes the prob...
- + Ubuntu Security Notice USN-7131-1—Ubuntu Security Notice 7131-1 - It was discovered that Vim incorrectly handled memory when closing a buffer, leading to use-after-free. If a user was ...
- + Russian FSB Cross Site Scripting—The Russian FSB appears to suffer from a cross site scripting vulnerability. The researchers who discovered it have reported it multiple times to them...
- + Laravel 11.0 Cross Site Scripting—Laravel version 11.0 suffers from a cross site scripting vulnerability.
- + Ubuntu Security Notice USN-7092-2—Ubuntu Security Notice 7092-2 - USN-7092-1 fixed a vulnerability in mpg123. Bastien Roucariès discovered that the fix was incomplete on Ubuntu 20.04 L...
- + Red Hat Security Advisory 2024-8704-03—Red Hat Security Advisory 2024-8704-03 - Kube Descheduler Operator for Red Hat OpenShift 5.0.2 for RHEL 9.
- + Red Hat Security Advisory 2024-10704-03—Red Hat Security Advisory 2024-10704-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues ...
- + Red Hat Security Advisory 2024-10702-03—Red Hat Security Advisory 2024-10702-03 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass, cros...
- + Red Hat Security Advisory 2024-10677-03—Red Hat Security Advisory 2024-10677-03 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Cr...
- + Red Hat Security Advisory 2024-10667-03—Red Hat Security Advisory 2024-10667-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues ...
- + Red Hat Security Advisory 2024-10666-03—Red Hat Security Advisory 2024-10666-03 - An update for the gimp:2.8.22 module is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Supp...
- + Nvidia GeForce 11.0.1.163 Unquoted Service Path—Nvidia GeForce version 11.0.1.163 suffers from an unquoted service path vulnerability.
- + Zabbix Urges Upgrades After Critical SQL Injection Bug Disclosure— [Category: headline,flaw,patch]
- + Code Found Online Exploits LogoFAIL To Install Bootkitty Linux Backdoor— [Category: headline,malware,linux,flaw,backdoor]
- + Telco Security Is A Dumpster Fire And Everyone's Getting Burned— [Category: headline,phone,flaw]
- + Starbucks, Grocery Stores Hit By Blue Yonder Ransomware Attack— [Category: headline,malware,cryptography]
- + Chinese Lidar Sensors Pose Hacking Risk To US Defense Equipment— [Category: headline,government,usa,china,cyberwar,spyware,backdoor,military]
- + Russian Hacker With $10 Million Bounty On His Head Reportedly Arrested— [Category: headline,hacker,russia]
- + US Senators Propose Law To Require Bare Minimum Security Standards— [Category: headline,government,usa,password]
- + Telco Engineer Who Spied On Employer For Beijing Gets 4 Years— [Category: headline,government,privacy,usa,phone,china,cyberwar,spyware,voip]
- + New York Fines GEICO And Travelers $11.3 Million In Data Breach Cases— [Category: headline,hacker,government,privacy,usa,data loss]
- + Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets— [Category: headline,malware,microsoft,russia,flaw,mozilla,firefox,zero day]
- + Feds Seek To Grill Kansas City Man With Hacking Charges— [Category: headline,hacker,government,usa]
- + ProjectSend Vulnerability Exploited In The Wild— [Category: headline,hacker,flaw]
- + Source Code Of macOS Banshee Stealer Leaked— [Category: headline,malware,russia,data loss,apple]
- + CyberVolk Analysis Explores Ransomware, Hacktivism Connections— [Category: headline,hacker,malware,russia,cybercrime,cryptography]
- + The Workplace Has Become A Surveillance State— [Category: headline,privacy,spyware]
- + ABB Cylon Aspect 3.08.01 vstatConfigurationDownload.php Configuration Download—ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated configuration download vulnerability. This can be exploited to download the CSV DB th...
- + Akuvox Smart Intercom/Doorphone ServicesHTTPAPI Improper Access Control—The Akuvox Smart Intercom/Doorphone suffers from an insecure service API access control. The vulnerability in ServicesHTTPAPI endpoint allows users wi...
- + Debian Security Advisory 5819-1—Debian Linux Security Advisory 5819-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which...
- + Ubuntu Security Notice USN-7126-1—Ubuntu Security Notice 7126-1 - It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly...
- + Ubuntu Security Notice USN-7127-1—Ubuntu Security Notice 7127-1 - It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly...
- + Ubuntu Security Notice USN-7130-1—Ubuntu Security Notice 7130-1 - It was discovered that GitHub CLI incorrectly handled username validation. An attacker could possibly use this issue t...
- + Ubuntu Security Notice USN-7125-1—Ubuntu Security Notice 7125-1 - It was discovered that RapidJSON incorrectly parsed numbers written in scientific notation, leading to an integer unde...
- + Ubuntu Security Notice USN-6988-2—Ubuntu Security Notice 6988-2 - USN-6988-1 fixed CVE-2024-41671 in Twisted. The USN incorrectly stated that previous releases were unaffected. This upd...
- + Ubuntu Security Notice USN-7129-1—Ubuntu Security Notice 7129-1 - It was discovered that TinyGLTF performed file path expansion in an insecure way on certain inputs. An attacker could ...
- + Ubuntu Security Notice USN-7128-1—Ubuntu Security Notice 7128-1 - Sebastian Chnelik discovered that Pygments had an inefficient regex query for analyzing certain inputs. An attacker co...
- + Ubuntu Security Notice USN-7117-2—Ubuntu Security Notice 7117-2 - USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes ...
- + Red Hat Security Advisory 2024-9885-03—Red Hat Security Advisory 2024-9885-03 - Red Hat Trusted Profile Analyzer 1.2.0 release Red Hat Product Security has rated this update as having a sec...
- + Red Hat Security Advisory 2024-10492-03—Red Hat Security Advisory 2024-10492-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues ...
- + Red Hat Security Advisory 2024-10483-03—Red Hat Security Advisory 2024-10483-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues ...
- + Red Hat Security Advisory 2024-10472-03—Red Hat Security Advisory 2024-10472-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass...
- + Red Hat Security Advisory 2024-10389-03—Red Hat Security Advisory 2024-10389-03 - Red Hat OpenShift Virtualization release 4.13.11 is now available with updates to packages and images that f...
- + Red Hat Security Advisory 2024-10386-03—Red Hat Security Advisory 2024-10386-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Se...
- + Red Hat Security Advisory 2024-10385-03—Red Hat Security Advisory 2024-10385-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Se...
- + Red Hat Security Advisory 2024-10384-03—Red Hat Security Advisory 2024-10384-03 - An update for tuned is now available for Red Hat Enterprise Linux 9.
- + Red Hat Security Advisory 2024-10381-03—Red Hat Security Advisory 2024-10381-03 - An update for tuned is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
- + Red Hat Security Advisory 2024-10379-03—Red Hat Security Advisory 2024-10379-03 - An update for pam is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnera...
- + Red Hat Security Advisory 2024-10289-03—Red Hat Security Advisory 2024-10289-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addre...
- + Red Hat Security Advisory 2024-10282-03—Red Hat Security Advisory 2024-10282-03 - An update for the kernel-rt:4.18.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed ...
- + Red Hat Security Advisory 2024-10281-03—Red Hat Security Advisory 2024-10281-03 - An update for the kernel:4.18.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed inc...
- + Red Hat Security Advisory 2024-10275-03—Red Hat Security Advisory 2024-10275-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update S...
- + Ubuntu Security Notice USN-7121-3—Ubuntu Security Notice 7121-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sy...
- + Debian Security Advisory 5818-1—Debian Linux Security Advisory 5818-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, deni...
- + Ubuntu Security Notice USN-7124-1—Ubuntu Security Notice 7124-1 - Andy Boothe discovered that the Networking component of OpenJDK 23 did not properly handle access under certain circum...
- + Debian Security Advisory 5817-1—Debian Linux Security Advisory 5817-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of s...
- + Mandos Encrypted File System Unattended Reboot Utility 1.8.18—The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers ...
- + GNU Privacy Guard 2.4.7—GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital sig...
- + Red Hat Security Advisory 2024-9991-03—Red Hat Security Advisory 2024-9991-03 - An update for openstack-tripleo-common and python-tripleoclient is now available for Red Hat OpenStack Platfo...
- + Red Hat Security Advisory 2024-9990-03—Red Hat Security Advisory 2024-9990-03 - An update for openstack-tripleo-common and python-tripleoclient is now available for Red Hat OpenStack Platfo...
- + Red Hat Security Advisory 2024-9989-03—Red Hat Security Advisory 2024-9989-03 - An update for python-webob is now available for Red Hat OpenStack Platform 17.1.
- + Red Hat Security Advisory 2024-9988-03—Red Hat Security Advisory 2024-9988-03 - An update for python-requests is now available for Red Hat OpenStack Platform 17.1.
- + Red Hat Security Advisory 2024-9986-03—Red Hat Security Advisory 2024-9986-03 - An update for python-sqlparse is now available for Red Hat OpenStack Platform 17.1. Issues addressed include ...
- + Red Hat Security Advisory 2024-9985-03—Red Hat Security Advisory 2024-9985-03 - An update for python-urllib3 is now available for Red Hat OpenStack Platform 17.1.
- + Red Hat Security Advisory 2024-9984-03—Red Hat Security Advisory 2024-9984-03 - An update for python-sqlparse is now available for Red Hat OpenStack Platform 17.1. Issues addressed include ...
- + Red Hat Security Advisory 2024-9983-03—Red Hat Security Advisory 2024-9983-03 - An update for python-webob is now available for Red Hat OpenStack Platform 17.1.
- + Red Hat Security Advisory 2024-9982-03—Red Hat Security Advisory 2024-9982-03 - An update for openstack-ironic is now available for Red Hat OpenStack Platform 17.1.
- + Red Hat Security Advisory 2024-9978-03—Red Hat Security Advisory 2024-9978-03 - An update for openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 17.1.
- + Red Hat Security Advisory 2024-9977-03—Red Hat Security Advisory 2024-9977-03 - An update for python-zipp is now available for Red Hat OpenStack Platform 17.1. Issues addressed include a de...
- + Red Hat Security Advisory 2024-9976-03—Red Hat Security Advisory 2024-9976-03 - An update for python-werkzeug is now available for Red Hat OpenStack Platform 17.1. Issues addressed include ...
- + Red Hat Security Advisory 2024-9975-03—Red Hat Security Advisory 2024-9975-03 - An update for python-werkzeug is now available for Red Hat OpenStack Platform 17.1. Issues addressed include ...
- + Red Hat Security Advisory 2024-9960-03—Red Hat Security Advisory 2024-9960-03 - OpenShift API for Data Protection 1.3.4 is now available. Issues addressed include a denial of service vulner...
- + Red Hat Security Advisory 2024-9956-03—Red Hat Security Advisory 2024-9956-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addresse...
- + Red Hat Security Advisory 2024-9946-03—Red Hat Security Advisory 2024-9946-03 - An update for edk2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addresse...
- + Red Hat Security Advisory 2024-9945-03—Red Hat Security Advisory 2024-9945-03 - An update for haproxy is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
- + Red Hat Security Advisory 2024-9943-03—Red Hat Security Advisory 2024-9943-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. ...
- + Red Hat Security Advisory 2024-9942-03—Red Hat Security Advisory 2024-9942-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Iss...
- + Russian Cyberspies Hacked Building Across Street From Target For Wi-Fi Attack— [Category: headline,hacker,government,russia,wireless,spyware]
- + Cyberattacks Cost British Businesses $55 Billion In Past 5 Years— [Category: headline,malware,britain,cybercrime,fraud,cryptography]
- + How The ZX Spectrum Became A 1980s Icon— [Category: headline,science]
- + China Has Pwned Thousands And Thousands Of Telco Devices— [Category: headline,government,privacy,usa,china,cyberwar,spyware]
- + CUPS IPP Attributes LAN Remote Code Execution—This Metasploit module exploits vulnerabilities in OpenPrinting CUPS, which is running by default on most Linux distributions. The vulnerabilities all...
- + ProjectSend R1605 Unauthenticated Remote Code Execution—This Metasploit module exploits an improper authorization vulnerability in ProjectSend versions r1295 through r1605. The vulnerability allows an unaut...
- + needrestart Local Privilege Escalation—Qualys discovered that needrestart suffers from multiple local privilege escalation vulnerabilities that allow for root access from an unprivileged us...
- + fronsetia 1.1 Cross Site Scripting—fronsetia version 1.1 suffers from a cross site scripting vulnerability.
- + fronsetia 1.1 XML Injection—fronsetia version 1.1 suffers from an XML external entity injection vulnerability.
- + PowerVR psProcessHandleBase Reuse—PowerVR has an issue where PVRSRVAcquireProcessHandleBase() can cause psProcessHandleBase reuse when PIDs are reused.
- + Linux 6.6 Race Condition—A security-relevant race between mremap() and THP code has been discovered. Reaching the buggy code typically requires the ability to create unprivile...
- + Korenix JetPort 5601 1.2 Path Traversal—Korenix JetPort 5601 version 1.2 suffers from a path traversal vulnerability.
- + SEH utnserver Pro 20.1.22 Cross Site Scripting—SEH utnserver Pro version 20.1.22 suffers from multiple persistent cross site scripting vulnerabilities.
- + Faraday 5.9.0—Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designe...
- + Ubuntu Security Notice USN-7015-6—Ubuntu Security Notice 7015-6 - USN-7015-5 fixed vulnerabilities in python2.7. The update introduced several minor regressions. This update fixes the ...
- + Ubuntu Security Notice USN-7120-3—Ubuntu Security Notice 7120-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sy...
- + Debian Security Advisory 5812-2—Debian Linux Security Advisory 5812-2 - The postgresql minor release shipped in DSA 5812 introduced an ABI break, which has been reverted so that exte...
- + Proxmark3 4.19552 Custom Firmware—This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "Orca".
- + Apple Web Content Filter Bypass—Nosebeard Labs has identified a critical vulnerability in the Apple system wide web content filter that allows a full bypass of content restrictions. ...
- + Red Hat Security Advisory 2024-9806-03—Red Hat Security Advisory 2024-9806-03 - Red Hat build of Apache Camel 4.4.4 for Spring Boot release and security update is now available. Issues addr...
- + Apple Security Advisory 11-19-2024-5—Apple Security Advisory 11-19-2024-5 - macOS Sequoia 15.1.1 addresses code execution vulnerabilities.
- + Red Hat Security Advisory 2024-9738-03—Red Hat Security Advisory 2024-9738-03 - An update for squid is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addres...
- + Red Hat Security Advisory 2024-9729-03—Red Hat Security Advisory 2024-9729-03 - An update for squid is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issu...
- + Red Hat Security Advisory 2024-9690-03—Red Hat Security Advisory 2024-9690-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addr...
- + Apple Security Advisory 11-19-2024-4—Apple Security Advisory 11-19-2024-4 - iOS 17.7.2 and iPadOS 17.7.2 addresses code execution vulnerabilities.
- + Red Hat Security Advisory 2024-9689-03—Red Hat Security Advisory 2024-9689-03 - An update for binutils is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer ove...
- + Red Hat Security Advisory 2024-9679-03—Red Hat Security Advisory 2024-9679-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update ...
- + Red Hat Security Advisory 2024-9678-03—Red Hat Security Advisory 2024-9678-03 - An update for squid is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues address...
- + Apple Security Advisory 11-19-2024-3—Apple Security Advisory 11-19-2024-3 - iOS 18.1.1 and iPadOS 18.1.1 addresses code execution vulnerabilities.
- + Here's What Happens If You Don't Layer Network Security Or Remove Unused Web Shells— [Category: headline,government,privacy,cybercrime,data loss,japan]
- + Helpline For Yakuza Victims Fears It Leaked Their Personal Info
- + US Takes Down Stolen Credit Card Marketplace PopeyeTools
- + Microsoft Disrupts ONNX Phishing Service, Names Its Operator
- + Google's AI Powered Fuzzing Tool Discovers 26 New Vulns
- + Ivanti EPM Agent Portal Command Execution—This Metasploit module leverages an unauthenticated remote command execution vulnerability in Ivanti's EPM Agent Portal where an RPC client can invoke...
- + Judge0 Sandbox Escape—Judge0 does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain c...
- + Wireshark Analyzer 4.4.2—Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the pro...
- + Falco 0.39.2—Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly ...
- + Russian Women Stepping Up For Cybercrime Outfits— [Category: headline,russia,cybercrime,cyberwar]
- + Five Scattered Spider Suspects Indicted For Phishing And Heists— [Category: headline,hacker,cybercrime,phish,cryptography]
- + Put Your Username And Passwords In Your Will, Advises Japan's Government— [Category: headline,government,password,japan]
- + Ubuntu Affected By 10-Year-Old Flaws In needrestart Package— [Category: headline,linux,flaw]
- + FBI And CISA Warn Of Continued Cyberattacks On US Telecoms— [Category: headline,government,usa,phone,china,cyberwar,backdoor]
- + MITRE Updates List Of 25 Most Dangerous Software Vulnerabilities— [Category: headline,government,usa,flaw]
- + North Korean Hackers Behind 2019 $42 Million Ethereum Heist— [Category: headline,hacker,data loss,south korea,cryptography,north korea]
- + Ubuntu Security Notice USN-7118-1—Ubuntu Security Notice 7118-1 - It was discovered that ZBar did not properly handle certain QR codes. If a user or automated system using ZBar were tr...
- + Ubuntu Security Notice USN-7091-2—Ubuntu Security Notice 7091-2 - USN-7091-1 fixed several vulnerabilities in Ruby. This update provides the corresponding update for ruby2.7 in Ubuntu ...
- + Zeek 6.0.9—Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring,...
- + Debian Security Advisory 5816-1—Debian Linux Security Advisory 5816-1 - The Qualys Threat Research Unit discovered that libmodule-scandeps-perl, a Perl module to recursively scan Per...
- + Debian Security Advisory 5815-1—Debian Linux Security Advisory 5815-1 - The Qualys Threat Research Unit discovered several local privilege escalation vulnerabilities in needrestart, ...
- + Ubuntu Security Notice USN-7123-1—Ubuntu Security Notice 7123-1 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certa...
- + Ubuntu Security Notice USN-7121-2—Ubuntu Security Notice 7121-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sy...
- + Ubuntu Security Notice USN-7120-2—Ubuntu Security Notice 7120-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sy...
- + Ubuntu Security Notice USN-7122-1—Ubuntu Security Notice 7122-1 - A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system.
- + Ubuntu Security Notice USN-7121-1—Ubuntu Security Notice 7121-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sy...
- + Ubuntu Security Notice USN-7120-1—Ubuntu Security Notice 7120-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the sy...
- + Ubuntu Security Notice USN-7119-1—Ubuntu Security Notice 7119-1 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulne...
- + Ubuntu Security Notice USN-7089-7—Ubuntu Security Notice 7089-7 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be...
- + Ubuntu Security Notice USN-7117-1—Ubuntu Security Notice 7117-1 - Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker cou...
- + Ubuntu Security Notice USN-7115-1—Ubuntu Security Notice 7115-1 - It was discovered that Waitress could process follow up requests when receiving a specially crafted message. An attack...
- + CISA Director Jen Easterly To Step Down Jan. 20— [Category: headline,government,usa]
- + Equinox Notifies 21,000 Patients And Staff Of Data Theft— [Category: headline,hacker,privacy,data loss]
- + D-Link Tells Users To Trash Old VPN Routers Due To Bug— [Category: headline,flaw,cisco]
- + Helldown Ransomware Evolves To Target VMware Systems Via Linux— [Category: headline,malware,linux,flaw]
- + Apple Confirms Zero Day Attacks Hitting macOS Systems— [Category: headline,flaw,apple,zero day]
- + Oracle Patches Exploited Agile PLM Zero-Day— [Category: headline,flaw,patch,oracle,zero day]
- + Bitcoin Bursts Past $94,000 For The First Time— [Category: headline,cryptography]
- + WordPress Really Simple Security Authentication Bypass—WordPress Really Simple Security plugin versions prior to 9.1.2 proof of concept authentication bypass exploit.
- + Palo Alto PAN-OS Authentication Bypass / Remote Command Execution—Proof of concept code to exploit an authentication bypass in Palo Alto's PAN-OS that is coupled with remote command execution.
- + Ubuntu Security Notice USN-7116-1—Ubuntu Security Notice 7116-1 - It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able...
- + Ubuntu Security Notice USN-7015-5—Ubuntu Security Notice 7015-5 - USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2024-6232 an...
- + Ubuntu Security Notice USN-7114-1—Ubuntu Security Notice 7114-1 - It was discovered that Glib incorrectly handled certain trailing characters. An attacker could possibly use this issue...
- + Ubuntu Security Notice USN-7104-1—Ubuntu Security Notice 7104-1 - It was discovered that curl could overwrite the HSTS expiry of the parent domain with the subdomain's HSTS entry. This...
- + Ubuntu Security Notice USN-7113-1—Ubuntu Security Notice 7113-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewi...
- + Palo Alto Sounds Alarm Over PAN-OS Zero Day Attacks— [Category: headline,hacker,flaw,patch,zero day]
- + Crooks Snag $250k Wire Payment From AI Biz— [Category: headline,bank,cybercrime]
- + US Senate To Hold Panel Hearing On Suspected Chinese Hacking Incidents— [Category: headline,government,usa,china,cyberwar]
- + Thousands Of IoT Devices Turned Into Residential Proxies— [Category: headline,hacker,botnet]
- + Cable .NET Post Exploitation Tool—Cable is a simple post-exploitation tool used for enumeration and further exploitation of Active Directory environments. This tool was primarily creat...
- + Pyload Remote Code Execution—CVE-2024-28397 is a sandbox escape in js2py versions 0.74 and below. js2py is a popular Python package that can evaluate JavaScript code inside a pyth...
- + Gentoo Linux Security Advisory 202411-09—Gentoo Linux Security Advisory 202411-9 - Multiple vulnerabilities have been discovered in Perl, the worst of which can lead to arbitrary code executi...
- + Gentoo Linux Security Advisory 202411-08—Gentoo Linux Security Advisory 202411-8 - A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privil...
- + Gentoo Linux Security Advisory 202411-07—Gentoo Linux Security Advisory 202411-7 - A vulnerability has been discovered in Pillow, which may lead to arbitrary code execution. Versions greater ...
- + Debian Security Advisory 5814-1—Debian Linux Security Advisory 5814-1 - A security issue was discovered in Thunderbird, which could result in the disclosure of OpenPGP encrypted mess...
- + Debian Security Advisory 5813-1—Debian Linux Security Advisory 5813-1 - Moritz Rauch discovered that the Symfony PHP framework implemented persisted remember-me cookies incorrectly, ...
- + SOPlanning 1.52.01 Remote Code Execution—SOPlanning version 1.52.01 authenticated remote code execution exploit.
- + Debian Security Advisory 5812-1—Debian Linux Security Advisory 5812-1 - Multiple security issues were discovered in PostgreSQL, which may result in the execution of arbitrary code, p...
- + Ubuntu Security Notice USN-7108-1—Ubuntu Security Notice 7108-1 - Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that AsyncSSH did not properly handle the extension info...
- + Ubuntu Security Notice USN-7106-1—Ubuntu Security Notice 7106-1 - It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter w...
- + Red Hat Security Advisory 2024-9680-03—Red Hat Security Advisory 2024-9680-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues a...
- + Red Hat Security Advisory 2024-9654-03—Red Hat Security Advisory 2024-9654-03 - An update for libsoup is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addr...
- + Red Hat Security Advisory 2024-9653-03—Red Hat Security Advisory 2024-9653-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update ...
- + Red Hat Security Advisory 2024-9644-03—Red Hat Security Advisory 2024-9644-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a ...
- + Red Hat Security Advisory 2024-9637-03—Red Hat Security Advisory 2024-9637-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions...
- + Red Hat Security Advisory 2024-9627-03—Red Hat Security Advisory 2024-9627-03 - Red Hat OpenShift Service Mesh Containers for 2.6.3. Issues addressed include a denial of service vulnerabili...
- + Red Hat Security Advisory 2024-9624-03—Red Hat Security Advisory 2024-9624-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. I...
- + Discontinued GeoVision Products Targeted In Botnet Attacks— [Category: headline,hacker,botnet,flaw,zero day]
- + Ransomware Attack On Oklahoma Medical Center Impacts 133,000— [Category: headline,hacker,malware,cybercrime,cryptography]
- + NSO Operates Its Spyware, Legal Documents Reveal— [Category: headline,malware,phone,israel,spyware,facebook]
- + 300 Drinking Systems In US Exposed To Disruptive, Damaging Hacker Attacks— [Category: headline,hacker,government,usa,cyberwar,scada]
- + Swiss Cheesed Off As Postal Service Used To Spread Malware— [Category: headline,government,malware,switzerland]
- + Will Passkeys Ever Replace Passwords? Can They?— [Category: headline,password]
As of 12/21/24 8:02am. Last new 12/3/24 11:51pm. Score: 425