ICO says handling of domestic abuse victims’ data must improve
Yearly Archives: 2023
USN-6398-1: ReadyMedia vulnerabilities
It was discovered that ReadyMedia was vulnerable to DNS rebinding attacks.
A remote attacker could possibly use this issue to trick the local DLNA
server to leak information. This issue only affected Ubuntu 16.04 LTS,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-26505)
It was discovered that ReadyMedia incorrectly handled certain HTTP requests
using chunked transport encoding. A remote attacker could possibly use this
issue to cause buffer overflows, resulting in out-of-bounds reads and writes.
(CVE-2023-33476)
Attacks on European Financial Services Double in a Year
NCSC Launches Cyber Incident Exercise Scheme
gdb-13.2-3.fc37
FEDORA-2023-8d0913f986
Packages in this update:
gdb-13.2-3.fc37
Update description:
Security fix for CVE-2022-48064, Backport upstream commit 8f2c64de86b which fixes RHBZ 2233961,
ZDI-23-1468: (0Day) Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability.
ZDI-23-1469: (0Day) Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability.
ZDI-23-1470: (0Day) Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability.
ZDI-23-1471: (0Day) Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability.
ZDI-23-1472: (0Day) Exim libspf2 Integer Underflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability.