Month: August 2023

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to...

FEDORA-2023-c68f2227e6 Packages in this update: php-8.1.22-1.fc37 Update description: PHP version 8.1.22 (03 Aug 2023) Build: Fixed bug GH-11522 (PHP version check fails with '-' separator)....

In affected versions of Octopus Deploy it is possible for a low privileged guest user to craft a request that allows enumeration/recon of an environment....

In affected versions of Octopus Deploy it is possible for a low privileged guest user to interact with extension endpoints. Read More

FEDORA-2023-b7b87e4966 Packages in this update: xen-4.16.4-4.fc37 Update description: arm: Guests can trigger a deadlock on Cortex-A77 [XSA-436, CVE-2023-34320] (#2228238) bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]...

FEDORA-2023-0d6aa10621 Packages in this update: xen-4.17.1-9.fc38 Update description: arm: Guests can trigger a deadlock on Cortex-A77 [XSA-436, CVE-2023-34320] (#2228238) bugfix for x86/AMD: Zenbleed [XSA-433, CVE-2023-20593]...

Posted by Stefan Pietsch on Aug 01 # Trovent Security Advisory 2303-01 # ##################################### Authenticated remote code execution in Eramba ############################################# Overview ######## Advisory ID:...

Posted by Rick Verdoes via Fulldisclosure on Aug 01 ========================= Exploit Title: Hostname injection leads to Remote Code Execution RCE (Authenticated) Product: Gaia Portal Vendor:...