          Advisories

          • Gentoo Linux Security Advisory 202406-05 Mon, 24 Jun 2024 13:22:38 GMT
            Gentoo Linux Security Advisory 202406-5 - Multiple vulnerabilities have been discovered in JHead, the worst of which may lead to arbitrary code execution. Versions greater than or equal to 3.08 are affected.
          • Gentoo Linux Security Advisory 202406-04 Mon, 24 Jun 2024 13:22:19 GMT
            Gentoo Linux Security Advisory 202406-4 - A vulnerability has been discovered in LZ4, which can lead to memory corruption. Versions greater than or equal to 1.9.3-r1 are affected.
          • Gentoo Linux Security Advisory 202406-03 Mon, 24 Jun 2024 13:18:16 GMT
            Gentoo Linux Security Advisory 202406-3 - A vulnerability has been discovered in RDoc, which can lead to execution of arbitrary code. Versions greater than or equal to 6.6.3.1 are affected.
          • Gentoo Linux Security Advisory 202406-02 Mon, 24 Jun 2024 12:58:48 GMT
            Gentoo Linux Security Advisory 202406-2 - A vulnerability has been discovered in Flatpak, which can lead to a sandbox escape. Versions greater than or equal to 1.14.6 are affected.
          • Gentoo Linux Security Advisory 202406-01 Mon, 24 Jun 2024 12:51:01 GMT
            Gentoo Linux Security Advisory 202406-1 - A vulnerability has been discovered in GLib, which can lead to privilege escalation. Versions greater than or equal to 2.78.6 are affected.
          • Red Hat Security Advisory 2024-4058-03 Mon, 24 Jun 2024 12:47:01 GMT
            Red Hat Security Advisory 2024-4058-03 - An update for python3.11 is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and traversal vulnerabilities.
          • Red Hat Security Advisory 2024-4057-03 Mon, 24 Jun 2024 12:46:52 GMT
            Red Hat Security Advisory 2024-4057-03 - Release of OpenShift Serverless Logic 1.33.0. Issues addressed include cross-site scripting and denial of service vulnerabilities.
          • Red Hat Security Advisory 2024-4054-03 Mon, 24 Jun 2024 12:46:45 GMT
            Red Hat Security Advisory 2024-4054-03 - An update for python-gunicorn is now available for Red Hat OpenStack Platform 16.2. Issues addressed include an HTTP request smuggling vulnerability.
          • Red Hat Security Advisory 2024-4053-03 Mon, 24 Jun 2024 12:46:34 GMT
            Red Hat Security Advisory 2024-4053-03 - An update for python-yaql, openstack-tripleo-heat-templates, and openstack-tripleo-common is now available for Red Hat OpenStack Platform 16.2. Issues addressed include an information leakage vulnerability.
          • Red Hat Security Advisory 2024-4052-03 Mon, 24 Jun 2024 12:46:24 GMT
            Red Hat Security Advisory 2024-4052-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
          • Red Hat Security Advisory 2024-4051-03 Mon, 24 Jun 2024 12:46:14 GMT
            Red Hat Security Advisory 2024-4051-03 - An update for pki-core is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a bypass vulnerability.
          • Red Hat Security Advisory 2024-4050-03 Mon, 24 Jun 2024 12:46:05 GMT
            Red Hat Security Advisory 2024-4050-03 - An update for libreswan is now available for Red Hat Enterprise Linux 9.
          • Red Hat Security Advisory 2024-4036-03 Fri, 21 Jun 2024 12:46:28 GMT
            Red Hat Security Advisory 2024-4036-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8. Issues addressed include bypass and use-after-free vulnerabilities.
          • Red Hat Security Advisory 2024-4035-03 Fri, 21 Jun 2024 12:46:17 GMT
            Red Hat Security Advisory 2024-4035-03 - An update for ovn-2021 is now available in Fast Datapath for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
          • Red Hat Security Advisory 2024-4034-03 Fri, 21 Jun 2024 12:46:07 GMT
            Red Hat Security Advisory 2024-4034-03 - OpenShift container images for the Red Hat Service Interconnect 1.5 release. Issues addressed include a denial of service vulnerability.
          • Red Hat Security Advisory 2024-4028-03 Fri, 21 Jun 2024 12:46:00 GMT
            Red Hat Security Advisory 2024-4028-03 - Red Hat OpenShift Serverless version 1.33.0 is now available.
          • Red Hat Security Advisory 2024-4023-03 Fri, 21 Jun 2024 12:45:50 GMT
            Red Hat Security Advisory 2024-4023-03 - Red Hat openshift-serverless-clients kn 1.33.0 is now available. Issues addressed include denial of service and memory exhaustion vulnerabilities.
          • Red Hat Security Advisory 2024-4018-03 Fri, 21 Jun 2024 12:45:36 GMT
            Red Hat Security Advisory 2024-4018-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.
          • New North Korean Based Backdoor Packs A Punch Fri, 21 Jun 2024 12:39:30 GMT
            In recent months, North Korean-based threat actors have been ramping up attack campaigns in order to achieve a myriad of their objectives, whether it be financial gain or with espionage purposes in mind. The North Korean cluster of attack groups is peculiar seeing there is quite some overlap with one another, and it is not always straightforward to attribute a specific campaign to a specific threat actor. This is no different in what the authors are presenting in this paper today, where they analyze a new threat campaign, initially discovered in late May, featuring multiple layers and which ultimately delivers a seemingly new and previously undocumented backdoor. These actions appear tied to Kimsuky and are specifically focused on Aerospace and Defense companies.
          • Microsoft PlayReady Data Leak Fri, 21 Jun 2024 12:32:25 GMT
            On June 11, 2024, a Microsoft engineer posted information about a crash that inadvertently leaked internal data related to PlayReady and Warbird libraries.
          • Debian Security Advisory 5717-1 Thu, 20 Jun 2024 20:32:47 GMT
            Debian Linux Security Advisory 5717-1 - It was discovered that user validation was incorrectly implemented for filter_var(FILTER_VALIDATE_URL) for php8.2.
          • Ubuntu Security Notice USN-6842-1 Thu, 20 Jun 2024 11:51:31 GMT
            Ubuntu Security Notice 6842-1 - It was discovered that gdb incorrectly handled certain memory operations when parsing an ELF file. An attacker could possibly use this issue to cause a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. This issue only affected Ubuntu 22.04 LTS. It was discovered that gdb incorrectly handled memory leading to a heap-based buffer overflow. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.
          • Debian Security Advisory 5716-1 Thu, 20 Jun 2024 11:51:15 GMT
            Debian Linux Security Advisory 5716-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
          • Ubuntu Security Notice USN-6841-1 Thu, 20 Jun 2024 11:51:01 GMT
            Ubuntu Security Notice 6841-1 - It was discovered that PHP could early return in the filter_var function resulting in invalid user information being treated as valid user information. An attacker could possibly use this issue to expose raw user input information.
          • Red Hat Security Advisory 2024-4016-03 Thu, 20 Jun 2024 11:48:35 GMT
            Red Hat Security Advisory 2024-4016-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 7. Issues addressed include bypass and use-after-free vulnerabilities.