#Infosec2024: Tackling Cyber Challenges of AI-Generated Code
If software developers want to benefit from AI-generated code tools, they must mitigate some of the risks they could bring first, Synopsys’ Lucas von Stockhausen...
ZDI-24-567: GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but...
ZDI-24-564: Fuji Electric Monitouch V-SFT V9 File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability...
ZDI-24-565: Luxion KeyShot Viewer KSP File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in...
ZDI-24-566: Luxion KeyShot Viewer KSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in...
DSA-5706-1 libarchive – security update
An integer overflow vulnerability in the rar e8 filter was discovered in libarchive, a multi-format archive and compression library, which may result in the execution...
DSA-5704-1 pillow – security update
Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service or the execution of arbitrary code if...
DSA-5705-1 tinyproxy – security update
A use-after-free was discovered in tinyproxy, a lightweight, non-caching, optionally anonymizing HTTP proxy, which could result in denial of service. https://security-tracker.debian.org/tracker/DSA-5705-1
Multiple Vulnerabilities in Progress Telerik Report Server Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Progress Telerik Report Server, which could allow for remote code execution. Telerik Report Server provides centralized management for Progress’...
London Hospitals Cancel Operations Following Ransomware Incident
A ransomware attack on a supplier of pathology services has forced leading London hospitals to cancel operations and divert emergency patients.