USN-6415-1: Linux kernel (OEM) vulnerabilities
Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a...
python-waitress-1.4.4-8.el9
FEDORA-EPEL-2023-0e8bb46da1 Packages in this update: python-waitress-1.4.4-8.el9 Update description: Security update to fix CVE-2022-24761.
CVE-2023-40044: Progress Software WS_FTP Server Insecure Deserialization Vulnerability
What is Progress Software WS_FTP? WS_FTP is a secure file transfer client and server software package from Ipswitch, which is now a part of Progress...
thunderbird-115.3.1-1.fc38
FEDORA-2023-1f5f7b9b92 Packages in this update: thunderbird-115.3.1-1.fc38 Update description: Rebase / Update to 115.3.1 ; https://www.thunderbird.net/en-US/thunderbird/115.0/whatsnew/ ; https://support.mozilla.org/en-US/kb/thunderbird-115-supernova-faq ; https://www.thunderbird.net/en-US/thunderbird/115.2.3/releasenotes/ ; https://www.thunderbird.net/en-US/thunderbird/115.3.0/releasenotes/ ; https://www.thunderbird.net/en-US/thunderbird/115.3.1/releasenotes/
USN-6413-1: GNU binutils vulnerabilities
It was discovered that GNU binutils was not properly performing checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An...
USN-6414-1: Django vulnerability
Wenchao Li discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django...
CVE-2022-36277
The 'sReferencia', 'sDescripcion', 'txtCodigo' and 'txtDescripcion' parameters, in the frmGestionStock.aspx and frmEditServicio.aspx files in TCMAN GIM v8.0.1, could allow an attacker to perform persistent XSS...
CVE-2022-36276
TCMAN GIM v8.0.1 is vulnerable to a SQL injection via the 'SqlWhere' parameter inside the function 'BuscarESM'. The exploitation of this vulnerability might allow a...
CVE-2021-3784
Garuda Linux performs an insecure user creation and authentication that allows any user to impersonate the created account. By creating users from the 'Garuda settings...
LightSpy iPhone Spyware Linked to Chinese APT41 Group
ThreatFabric found evidence that LightSpy is linked to Android spyware DragonEgg, attributed to the Chinese-sponsored group