USN-6744-2: Pillow vulnerability
USN-6744-1 fixed a vulnerability in Pillow (Python 3). This update provides the corresponding updates for Pillow (Python 2) in Ubuntu 20.04 LTS. Original advisory details:...
Dependency Confusion Vulnerability Found in Apache Project
This occurs when a private package fetches a similar public one, leading to exploit due to misconfigurations in package managers Read More
python-dns-2.6.1-1.fc40
FEDORA-2024-930af3332f Packages in this update: python-dns-2.6.1-1.fc40 Update description: Update to 2.6.1 (rhbz#2263657) (refix for CVE-2023-29483) Read More
USN-6745-1: Percona XtraBackup vulnerability
It was discovered that in Percona XtraBackup, a local crafted filename could trigger arbitrary code execution. Read More
CrushFTP File Transfer Vulnerability Lets Attackers Download System Files
CrushFTP is urging customers to download v11 of its file transfer platform, with attackers actively exploiting a vulnerability that allows them to download system files...
NSA Launches Guidance for Secure AI Deployment
The new document is the first release from NSA’s Artificial Intelligence Security Center (AISC), in partnership with other government agencies in the US and other...
Bring Your Own Device: How to Educate Your Employees On Cybersecurity Best Practices
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information...
USN-6738-1: LXD vulnerability
Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that LXD incorrectly handled the handshake phase and the use of sequence numbers in SSH Binary Packet...
USN-6744-1: Pillow vulnerability
Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If...
NCSC Announces PwC’s Richard Horne as New CEO
The UK’s National Cyber Security Centre will see Richard Horne take over as its new boss in the autumn Read More