          Advisories

          • Ubuntu Security Notice USN-6644-1 Tue, 20 Feb 2024 15:43:22 GMT
            Ubuntu Security Notice 6644-1 - It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service.
          • Ubuntu Security Notice USN-6643-1 Tue, 20 Feb 2024 15:43:10 GMT
            Ubuntu Security Notice 6643-1 - Emre Durmaz discovered that NPM IP package incorrectly distinguished between private and public IP addresses. A remote attacker could possibly use this issue to perform Server-Side Request Forgery attacks.
          • Ubuntu Security Notice USN-6625-3 Tue, 20 Feb 2024 15:42:13 GMT
            Ubuntu Security Notice 6625-3 - Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service. Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service.
          • Ubuntu Security Notice USN-6642-1 Tue, 20 Feb 2024 15:34:42 GMT
            Ubuntu Security Notice 6642-1 - Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.
          • Ubuntu Security Notice USN-6641-1 Tue, 20 Feb 2024 15:25:31 GMT
            Ubuntu Security Notice 6641-1 - Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that get sent to different and unrelated sites and domains.
          • Red Hat Security Advisory 2024-0903-03 Tue, 20 Feb 2024 15:25:15 GMT
            Red Hat Security Advisory 2024-0903-03 - Red Hat AMQ Broker 7.10.6 is now available from the Red Hat Customer Portal. Issues addressed include a bypass vulnerability.
          • Red Hat Security Advisory 2024-0897-03 Tue, 20 Feb 2024 15:25:07 GMT
            Red Hat Security Advisory 2024-0897-03 - An update for kernel is now available for Red Hat Enterprise Linux 8. Issues addressed include null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
          • Red Hat Security Advisory 2024-0894-03 Tue, 20 Feb 2024 15:24:58 GMT
            Red Hat Security Advisory 2024-0894-03 - An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8.
          • Red Hat Security Advisory 2024-0893-03 Tue, 20 Feb 2024 15:24:49 GMT
            Red Hat Security Advisory 2024-0893-03 - An update for python-pillow is now available for Red Hat Enterprise Linux 8. Issues addressed include a code execution vulnerability.
          • Red Hat Security Advisory 2024-0889-03 Tue, 20 Feb 2024 15:24:39 GMT
            Red Hat Security Advisory 2024-0889-03 - An update for oniguruma is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer over-read, integer overflow, out of bounds read, and use-after-free vulnerabilities.
          • Red Hat Security Advisory 2024-0888-03 Tue, 20 Feb 2024 15:24:32 GMT
            Red Hat Security Advisory 2024-0888-03 - An update for edk2 is now available for Red Hat Enterprise Linux 8.
          • Red Hat Security Advisory 2024-0887-03 Tue, 20 Feb 2024 15:24:24 GMT
            Red Hat Security Advisory 2024-0887-03 - An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
          • Red Hat Security Advisory 2024-0881-03 Tue, 20 Feb 2024 15:24:15 GMT
            Red Hat Security Advisory 2024-0881-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Issues addressed include null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
          • Red Hat Security Advisory 2024-0880-03 Tue, 20 Feb 2024 15:24:05 GMT
            Red Hat Security Advisory 2024-0880-03 - Red Hat OpenShift Serverless 1.31.1 is now available. Issues addressed include denial of service and traversal vulnerabilities.
          • Red Hat Security Advisory 2024-0879-03 Tue, 20 Feb 2024 15:23:24 GMT
            Red Hat Security Advisory 2024-0879-03 - An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Issues addressed include denial of service and deserialization vulnerabilities.
          • Red Hat Security Advisory 2024-0876-03 Tue, 20 Feb 2024 15:23:14 GMT
            Red Hat Security Advisory 2024-0876-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
          • Red Hat Security Advisory 2024-0866-03 Tue, 20 Feb 2024 15:23:05 GMT
            Red Hat Security Advisory 2024-0866-03 - An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and deserialization vulnerabilities.
          • Red Hat Security Advisory 2024-0863-03 Tue, 20 Feb 2024 15:22:56 GMT
            Red Hat Security Advisory 2024-0863-03 - An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a buffer overflow vulnerability.
          • Red Hat Security Advisory 2024-0862-03 Tue, 20 Feb 2024 15:22:48 GMT
            Red Hat Security Advisory 2024-0862-03 - An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a buffer overflow vulnerability.
          • Red Hat Security Advisory 2024-0861-03 Tue, 20 Feb 2024 15:22:38 GMT
            Red Hat Security Advisory 2024-0861-03 - An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer overflow vulnerability.
          • Gentoo Linux Security Advisory 202402-28 Mon, 19 Feb 2024 14:58:16 GMT
            Gentoo Linux Security Advisory 202402-28 - Multiple vulnerabilities have been discovered in Samba, the worst of which can lead to remote code execution. Versions greater than or equal to 4.18.9 are affected.
          • Debian Security Advisory 5626-1 Mon, 19 Feb 2024 14:58:02 GMT
            Debian Linux Security Advisory 5626-1 - It was discovered that malformed DNSSEC records within a DNS zone could result in denial of service against PDNS Recursor, a resolving name server.
          • Gentoo Linux Security Advisory 202402-27 Mon, 19 Feb 2024 14:57:35 GMT
            Gentoo Linux Security Advisory 202402-27 - A vulnerability has been discovered in Glade which can lead to a denial of service. Versions greater than or equal to 3.38.2 are affected.
          • Gentoo Linux Security Advisory 202402-26 Mon, 19 Feb 2024 14:37:58 GMT
            Gentoo Linux Security Advisory 202402-26 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions greater than or equal to 115.7.0:esr are affected.
          • Gentoo Linux Security Advisory 202402-25 Mon, 19 Feb 2024 14:30:48 GMT
            Gentoo Linux Security Advisory 202402-25 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.7.0 are affected.