Gitpod flaw shows cloud-based development environments need security assessments
Researchers from cloud security firm Snyk recently discovered a vulnerability that would have allowed attackers to perform full account takeover and remote code execution (RCE)...
strongswan-5.9.10-1.el8
FEDORA-EPEL-2023-cf1c0e2ced Packages in this update: strongswan-5.9.10-1.el8 Update description: Update to 5.9.10 that fixes CVE-2023-26463 Read More
strongswan-5.9.10-1.el9
FEDORA-EPEL-2023-95d098a2d9 Packages in this update: strongswan-5.9.10-1.el9 Update description: Update to 5.9.10 that fixes CVE-2023-26463 Read More
strongswan-5.9.10-1.fc37
FEDORA-2023-25800591ef Packages in this update: strongswan-5.9.10-1.fc37 Update description: Update to 5.9.10 for CVE-2023-26463 Read More
strongswan-5.9.10-1.fc38
FEDORA-2023-9fb10d880d Packages in this update: strongswan-5.9.10-1.fc38 Update description: Update to 5.9.10 for CVE-2023-26463 Read More
USN-5910-1: Rack vulnerabilities
It was discovered that Rack did not properly structure regular expressions in some of its parsing components, which could result in uncontrolled resource consumption if...
API Security Flaw Found in Booking.com Allowed Full Account Takeover
The vulnerabilities could affect users logging into the site via their Facebook accounts Read More
Vice Society publishes data stolen during Vesuvius ransomware attack
A notorious ransomware gang has claimed responsibility for a cyber attack against Vesuvius, the London Stock Exchange-listed molten metal flow engineering company. Read More
Software liability reform is liable to push us off a cliff
Like “SBOMs will solve everything,” there is a regular cry to reform software liability, specifically in the case of products with insecurities and vulnerabilities. US...
USN-5909-1: Linux kernel (Azure CVM) vulnerabilities
It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically...