Read Time:8 Second
FEDORA-2023-43cb13aefb
Packages in this update:
vim-9.0.1407-1.fc38
Update description:
Security fixes for CVE-2023-1175, CVE-2023-1170, CVE-2023-1264.
Yearly Archives: 2023
ChipMixer Crypto Laundromat Shut Down By German, US Authorities
Read Time:5 Second
The operation seized four servers, 7TB of data and 1909.4 Bitcoins (roughly $47.3m)
UK Joins US, Canada, Others in Banning TikTok From Government Devices
Read Time:4 Second
The Chancellor of the Duchy of Lancaster, Oliver Dowden, confirmed the plans earlier today
CVE-2021-36821
Read Time:8 Second
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in WPMU DEV Forminator – Contact Form, Payment Form & Custom Form Builder plugin <= 1.14.11 versions.
CVE-2021-31637
Read Time:13 Second
An issue found in UwAmp v.1.1, 1.2, 1.3, 2.0, 2.1, 2.2, 2.2.1, 3.0.0, 3.0.1, 3.0.2 allows a remote attacker to execute arbitrary code via a crafted DLL.
CVE-2020-22647
Read Time:6 Second
An issue found in DepositGame v.1.0 allows an attacker to gain sensitive information via the GetBonusWithdraw and withdraw functions.
CVE-2020-19947
Read Time:7 Second
Cross Site Scripting vulnerability found in Markdown Edit allows a remote attacker to execute arbitrary code via the edit parameter of the webpage.
USN-5960-1: Python vulnerability
Read Time:9 Second
Yebo Cao discovered that Python incorrectly handled certain URLs.
An attacker could possibly use this issue to bypass blocklisting
methods by supplying a URL that starts with blank characters.
USN-5961-1: abcm2ps vulnerabilities
Read Time:30 Second
It was discovered that abcm2ps incorrectly
handled memory when parsing specially crafted ABC files.
An attacker could use this issue to cause abcm2ps to crash,
leading to a denial of service, or possibly execute
arbitrary code. This issue only affected Ubuntu 16.04 ESM
and Ubuntu 18.04 LTS.
(CVE-2018-10753, CVE-2018-10771, CVE-2019-1010069)
Chiba of Topsec Alpha Lab discovered that abcm2ps incorrectly
handled memory when parsing specially crafted ABC files.
An attacker could use this issue to cause abcm2ps to crash,
leading to a denial of service.
(CVE-2021-32434, CVE-2021-32435, CVE-2021-32436)
UK bans TikTok on government devices over data security fears
Read Time:35 Second
Social media app TikTok has been banned on UK government electronic devices, the Cabinet Office has announced. The ban, announced by the chancellor of the Duchy of Lancaster, Oliver Dowden, comes in the wake of a security review into the risks posed to government data by social media apps on devices along with the potential for sensitive information to be accessed and used by some platforms. The move follows other Western countries who have barred the Chinese-owned video app over security concerns and increasing fear that user data from the app (owned by Beijing-based company ByteDance) could end up in the hands of the Chinese government.