CVE-2022-41221
The client in OpenText Archive Center Administration through 21.2 allows XXE attacks. Authenticated users of the OpenText Archive Center Administration client (Versions 16.2.3, 21.2, and...
CVE-2022-30025
SQL injection in "/Framewrk/Home.jsp" file (POST method) in tCredence Analytics iDEAL Wealth and Funds - 1.0 iallows authenticated remote attackers to inject payload via "v"...
python3.11-3.11.3-2.fc37
FEDORA-2023-63c69aa712 Packages in this update: python3.11-3.11.3-2.fc37 Update description: Fix for CVE-2023-24329 Read More
Mobile Spyware—How You Can Keep Stalkers Off Your Phone
When you wind up with mobile spyware, you may wind up with a stalker on your phone. In its most malicious forms, mobile spyware can...
python3.11-3.11.3-2.fc38
FEDORA-2023-1092538441 Packages in this update: python3.11-3.11.3-2.fc38 Update description: Fix for CVE-2023-24329 Read More
SMBs and regional MSPs are increasingly targeted by state-sponsored APT groups
Advanced persistent threat (APT) attacks were once mainly a concern for large corporations in industries that presented cyberespionage interest. That's no longer the case and...
USN-6105-2: ca-certificates update
USN-6105-1 updated ca-certificates. This provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: The ca-certificates package contained outdated CA...
CVE-2021-25749
Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true. Read More
CVE-2021-25748
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the...
Lazarus Group Targeting Microsoft Web Servers to Launch Espionage Malware
Researchers detail the DLL side-loading technique used to deploy malware that facilitates credential theft and lateral movement Read More