Read Time:3 Second
Netacea warns of growing threat from malicious automation
Monthly Archives: September 2023
thunderbird-115.2.2-1.fc39
Read Time:32 Second
FEDORA-2023-1bcd79cdf6
Packages in this update:
thunderbird-115.2.2-1.fc39
Update description:
Update to 115.2.2 ;
https://www.thunderbird.net/en-US/thunderbird/115.1.0/releasenotes/ ;
https://www.thunderbird.net/en-US/thunderbird/115.1.1/releasenotes/ ;
https://www.thunderbird.net/en-US/thunderbird/115.2.0/releasenotes/ ;
https://www.thunderbird.net/en-US/thunderbird/115.2.1/releasenotes/ ;
https://www.thunderbird.net/en-US/thunderbird/115.2.2/releasenotes/ ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-33/ ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/ ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/
Scams Now Make Up 75% of Cyber-Threats
US Government in Snatch Ransomware Warning
CVE-2018-5478
Read Time:6 Second
Contao 3.x before 3.5.32 allows XSS via the unsubscribe module in the frontend newsletter extension.
CVE-2015-8371
Read Time:27 Second
Composer before 2016-02-10 allows cache poisoning from other projects built on the same host. This results in attacker-controlled code entering a server-side build process. The issue occurs because of the way that dist packages are cached. The cache key is derived from the package name, the dist type, and certain other data from the package repository (which may simply be a commit hash, and thus can be found by an attacker). Versions through 1.0.0-alpha11 are affected, and 1.0.0 is unaffected.
CVE-2015-5467
Read Time:8 Second
webViewAction in Yii (aka Yii2) 2.x before 2.0.5 allows attackers to execute any local .php file via a relative path in the view parameeter.
ZDI-23-1450: Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-1451: Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-1452: Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.