Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites
Notorious APT44 group Sandworm launched a major campaign against Ukrainian critical infrastructure in March Read More
freerdp2-2.11.7-1.fc40
FEDORA-2024-982a7184e0 Packages in this update: freerdp2-2.11.7-1.fc40 Update description: Update to 2.11.7 (CVE-2024-32039, CVE-2024-32040, CVE-2024-32041, CVE-2024-32458, CVE-2024-32459, CVE-2024-32460) Read More
freerdp-2.11.7-1.fc38
FEDORA-2024-c702ea0fb1 Packages in this update: freerdp-2.11.7-1.fc38 Update description: Update to 2.11.7 (CVE-2024-32039, CVE-2024-32040, CVE-2024-32041, CVE-2024-32458, CVE-2024-32459, CVE-2024-32460) Read More
freerdp-2.11.7-1.fc39
FEDORA-2024-1b11432d52 Packages in this update: freerdp-2.11.7-1.fc39 Update description: Update to 2.11.7 (CVE-2024-32039, CVE-2024-32040, CVE-2024-32041, CVE-2024-32458, CVE-2024-32459, CVE-2024-32460) Read More
Russian APT28 Group in New “GooseEgg” Hacking Campaign
Microsoft has warned of a long-running credential stealing campaign from Russia’s APT28 Read More
chromium-124.0.6367.60-2.fc40
FEDORA-2024-8b50ca2e22 Packages in this update: chromium-124.0.6367.60-2.fc40 Update description: update to 124.0.6367.60 High CVE-2024-3832: Object corruption in V8 High CVE-2024-3833: Object corruption in WebAssembly High CVE-2024-3914:...
php-tcpdf-6.7.5-1.fc40
FEDORA-2024-27eafd0e65 Packages in this update: php-tcpdf-6.7.5-1.fc40 Update description: Version 6.7.5 (2024-04-20) Update GitHub actions fix: CSV-2024-22640 (#712) Read More
ZDI-24-377: Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The ZDI...
ZDI-24-378: Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has...
ZDI-24-379: Ivanti Avalanche getMasterAdhocCollectionsPath Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has...