Ivanti Connect Secure and Policy Secure Gateways Zero-day Vulnerabilities (CVE-2023-46805 and CVE-2024-21887)
What is the Vulnerability? Ivanti recently published an advisory on two vulnerabilities on Jan 10, 2024 affecting Ivanti Connect Secure (ICS) and Ivanti Policy Secure...
Re: ODR violation in Redis Raft
Posted by Jeffrey Walton on Jan 18 I fail to see how a One Definition Rule (ODR) violation results in a Remote Code Execution. Can...
Minor firefox DoS – semi silently polluting ~/Downloads with files (part 2)
Posted by Georgi Guninski on Jan 18 Minor firefox DoS - semi silently polluting ~/Downloads with files (part 2) Tested on: firefox 121 and chrome...
USN-6590-1: Xerces-C++ vulnerabilities
It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error....
USN-6589-1: FileZilla vulnerability
Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol used in FileZilla is prone to a prefix truncation attack, known as the...
grub2-2.06-114.fc38
FEDORA-2024-633dc7e183 Packages in this update: grub2-2.06-114.fc38 Update description: Combined update for several fixes as well as security fix for CVE-2023-4001 Mon Jan 15 2024 Nicolas...
TA866 Resurfaces in Targeted OneDrive Campaign
Proofpoint said it thwarted a large-scale campaign on January 11 primarily targeting North America Read More
grub2-2.06-116.fc39
FEDORA-2024-53d986312e Packages in this update: grub2-2.06-116.fc39 Update description: Combined update for several fixes as well as security fix for CVE-2023-4001 Mon Jan 15 2024 Nicolas...
New Malware Campaign Exploits 9hits in Docker Assault
Discovered by Cado Security, the campaign deploys two containers to vulnerable Docker instances Read More
Iranian Phishing Campaign Targets Israel-Hamas War Experts
Microsoft said the social engineering campaign aims to steal sensitive data from experts deemed to be able to influence intelligence and policies relating to the...