Ukrainian officials say Russian intelligence is using video games to trick children into helping the enemy
Monthly Archives: December 2024
ZDI-24-1689: Dell Avamar Fitness Analyzer API SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Dell Avamar. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2024-47977.
ZDI-24-1690: Dell Avamar Fitness Analyzer API SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Dell Avamar. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2024-47977.
ZDI-24-1691: Dell Avamar Fitness Analyzer API SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Dell Avamar. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2024-52538.
ZDI-24-1692: Dell Avamar Fitness Analyzer API SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Dell Avamar. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2024-47977.
ZDI-24-1693: Dell Avamar Web Restore Login Action SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Dell Avamar. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.2. The following CVEs are assigned: CVE-2024-47484.
DSA-5832-1 gstreamer1.0 – security update
Antonio Morales reported an integer overflow vulnerability in the memory
allocator in the Core GStreamer libraries, which may result in denial of
service or potentially the execution of arbitrary code if a malformed
media file is processed.
USN-7160-1: Mpmath vulnerability
It was discovered Mpmath incorrectly handled certain regular expressions.
An attacker could possibly use this issue to cause Mpmath to consume
resources, leading to a denial of service.
doctl-1.120.0-1.fc42
FEDORA-2024-6267b82cf7
Packages in this update:
doctl-1.120.0-1.fc42
Update description:
Automatic update for doctl-1.120.0-1.fc42.
Changelog
* Sun Dec 15 2024 Mikel Olasagasti Uranga <mikel@olasagasti.info> – 1.120.0-1
– Update to 1.120.0 – Closes rhbz#2272525 rhbz#2292680 rhbz#2294002
rhbz#2331944 rhbz#2331970
Upcoming Speaking Events
This is a current list of where and when I am scheduled to speak:
I’m speaking at a joint meeting of the Boston Chapter of the IEEE Computer Society and GBC/ACM, in Boston, Massachusetts, USA, at 7:00 PM ET on Thursday, January 9, 2025. The event will take place at the Massachusetts Institute of Technology in Room 32-G449 (Kiva), as well as online via Zoom. Please register in advance if you plan to attend (whether online or in person).
The list is maintained on this page.