YubiKey Side-Channel Attack
There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack, requiring the victim’s username and...
ruby-3.3.5-14.fc41
FEDORA-2024-cfcd6258fa Packages in this update: ruby-3.3.5-14.fc41 Update description: Upgrade to Ruby 3.3.5. Read More
Spyware Vendors’ Nebulous Ecosystem Helps Them Evade Sanctions
The secret web of at least 435 entities across 42 countries making up the spyware landscape facilitates unpunished security and human rights violations, the Atlantic...
openjpeg-2.5.2-4.fc41
FEDORA-2024-3ecdf562bf Packages in this update: openjpeg-2.5.2-4.fc41 Update description: Backport fix for CVE-2023-39327. Read More
US and Allies Accuse Russian Military of Destructive Cyber-Attacks
The joint government advisory highlighted the cyber activities of Unit 29155, which has launched destructive cyber-attacks against critical infrastructure globally Read More
clamav-1.0.7-1.el8
FEDORA-EPEL-2024-cef1a533b1 Packages in this update: clamav-1.0.7-1.el8 Update description: Update to 1.0.7 CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems...
[SYSS-2024-030]: C-MOR Video Surveillance – OS Command Injection (CWE-78)
Posted by Matthias Deeg via Fulldisclosure on Sep 05 Advisory ID: SYSS-2024-030 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Version(s): 5.2401, 6.00PL01 Tested Version(s):...
[SYSS-2024-029]: C-MOR Video Surveillance – Dependency on Vulnerable Third-Party Component (CWE-1395)
Posted by Matthias Deeg via Fulldisclosure on Sep 05 Advisory ID: SYSS-2024-029 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Version(s): 5.2401 Tested Version(s): 5.2401...
[SYSS-2024-028]: C-MOR Video Surveillance – Cleartext Storage of Sensitive Information (CWE-312)
Posted by Matthias Deeg via Fulldisclosure on Sep 05 Advisory ID: SYSS-2024-028 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Version(s): 5.2401, 6.00PL01 Tested Version(s):...
[SYSS-2024-027]: C-MOR Video Surveillance – Improper Privilege Management (CWE-269)
Posted by Matthias Deeg via Fulldisclosure on Sep 05 Advisory ID: SYSS-2024-027 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Version(s): 5.2401, 6.00PL01 Tested Version(s):...