Read Time:3 Second
Many are operating under a false sense of security
Daily Archives: September 28, 2022
Meta Takes Down Russian “Smash-and-Grab” Disinformation Campaign
ZDI-22-1302: Rockwell Automation ThinManager ThinServer URI Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation ThinManager. Authentication is not required to exploit this vulnerability.
dropbear-2019.78-4.el8
Read Time:7 Second
FEDORA-EPEL-2022-54e8e9bf3b
Packages in this update:
dropbear-2019.78-4.el8
Update description:
Backport fix for CVE-2020-36254, resolves rhbz#1933067
dropbear-2017.75-2.el7
Read Time:10 Second
FEDORA-EPEL-2022-f0317a13d8
Packages in this update:
dropbear-2017.75-2.el7
Update description:
Backport fix for CVE-2018-15599, resolves rhbz#1623177
Backport fix for CVE-2020-36254, resolves rhbz#1933067
DSA-5244 chromium – security update
Read Time:7 Second
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
DSA-5242 maven-shared-utils – security update
Read Time:10 Second
It was discovered that the Commandline class in maven-shared-utils, a
collection of various utility classes for the Maven build system, can
emit double-quoted strings without proper escaping, allowing shell
injection attacks.
DSA-5243 lighttpd – security update
Read Time:4 Second
Several vulnerabilities were discovered in lighttpd, a fast webserver
with minimal memory footprint.
DSA-5240 webkit2gtk – security update
Read Time:3 Second
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
DSA-5241 wpewebkit – security update
Read Time:4 Second
The following vulnerabilities have been discovered in the WPE WebKit
web engine: