CVE-2021-37936
It was discovered that Kibana was not sanitizing document fields containing HTML snippets. Using this vulnerability, an attacker with the ability to write documents to...
CVE-2021-33621
cgi.rb in Ruby through 2.6.x, through 3.0.x, and through 3.1.x allows HTTP header injection. If a CGI application using the CGI library inserts untrusted input...
CVE-2021-31739
The SEPPmail solution is vulnerable to a Cross-Site Scripting vulnerability (XSS), because user input is not correctly encoded in HTML attributes when returned by the...
CVE-2021-22141
An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16. If a logged-in user visits a maliciously crafted URL, it could...
kubernetes-1.25.4-3.fc37
FEDORA-2022-8647729ff8 Packages in this update: kubernetes-1.25.4-3.fc37 Update description: Resolves, in part, #2142161. Security patches that resolve CVE-2022-3162 and CVE-2022-3294.
Friday Squid Blogging: Squid Brains
Researchers have new evidence of how squid brains develop: Researchers from the FAS Center for Systems Biology describe how they used a new live-imaging technique...
USN-5729-2: Linux kernel vulnerabilities
It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use...
USN-5728-2: Linux kernel vulnerabilities
Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure...
USN-5727-2: Linux kernel (GCP) vulnerabilities
It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use...
Almost half of customers have left a vendor due to poor digital trust: Report
Forty-seven percent of consumers have stopped doing business with a company after losing trust in that company’s digital security, according to new research from certificate...