USN-6413-1: GNU binutils vulnerabilities
It was discovered that GNU binutils was not properly performing checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An...
USN-6414-1: Django vulnerability
Wenchao Li discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django...
CVE-2022-36277
The 'sReferencia', 'sDescripcion', 'txtCodigo' and 'txtDescripcion' parameters, in the frmGestionStock.aspx and frmEditServicio.aspx files in TCMAN GIM v8.0.1, could allow an attacker to perform persistent XSS...
CVE-2022-36276
TCMAN GIM v8.0.1 is vulnerable to a SQL injection via the 'SqlWhere' parameter inside the function 'BuscarESM'. The exploitation of this vulnerability might allow a...
CVE-2021-3784
Garuda Linux performs an insecure user creation and authentication that allows any user to impersonate the created account. By creating users from the 'Garuda settings...
LightSpy iPhone Spyware Linked to Chinese APT41 Group
ThreatFabric found evidence that LightSpy is linked to Android spyware DragonEgg, attributed to the Chinese-sponsored group
USN-6412-1: Linux kernel vulnerabilities
Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability....
EvilProxy Phishing Attack Strikes Indeed, Targets Executives
Menlo Labs brought this discovery to light in an advisory published on Tuesday.
CVE-2022-43906
IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 240897.
Malware-Infected Devices Sold Through Major Retailers
The BADBOX scheme deploys the Triada malware on various devices like smartphones and tablets.