Drupal core – Less critical – Gadget chain – SA-CORE-2024-006
Project: Drupal core Date: 2024-November-20 Security risk: Less critical 8 ∕ 25 AC:Complex/A:User/CI:None/II:Some/E:Theoretical/TD:Uncommon Vulnerability: Gadget chain Affected versions: >= 8.0.0 < 10.2.11 || >= 10.3.0 < 10.3.9...
Drupal core – Critical – Cross Site Scripting – SA-CORE-2024-005
Project: Drupal core Date: 2024-November-20 Security risk: Critical 17 ∕ 25 AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:Default Vulnerability: Cross Site Scripting Description: Drupal 7 core's Overlay module doesn't safely handle user input,...
Drupal core – Moderately critical – Access bypass – SA-CORE-2024-004
Project: Drupal core Date: 2024-November-20 Security risk: Moderately critical 10 ∕ 25 AC:Basic/A:User/CI:None/II:Some/E:Theoretical/TD:Default Vulnerability: Access bypass Affected versions: >= 8.0.0 < 10.2.11 || >= 10.3.0 < 10.3.9...
Drupal core – Moderately critical – Cross Site Scripting – SA-CORE-2024-003
Project: Drupal core Date: 2024-November-20 Security risk: Moderately critical 13 ∕ 25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default Vulnerability: Cross Site Scripting Affected versions: >= 8.8.0 < 10.2.11 || >= 10.3.0 <...
Five Privilege Escalation Flaws Found in Ubuntu needrestart
Five LPE flaws in Ubuntu’s needrestart utility enable attackers to gain root access in versions prior to 3.8 Read More
60% of Emails with QR Codes Classified as Spam or Malicious
60% of QR code emails are spam according findings from Cisco Talos, who also identified attackers using QR code art to bypass security filters Read...
Steve Bellovin’s Retirement Talk
Steve Bellovin is retiring. Here’s his retirement talk, reflecting on his career and what the cybersecurity field needs next. Read More
rust-rustls-0.23.17-1.el9 rust-zlib-rs-0.4.0-1.el9
FEDORA-EPEL-2024-3672733748 Packages in this update: rust-rustls-0.23.17-1.el9 rust-zlib-rs-0.4.0-1.el9 Update description: Update the rustls crate to version 0.23.17. Update the zlib-rs crate to version 0.4.0. The update...
rust-rustls-0.23.17-1.el10_0 rust-zlib-rs-0.4.0-1.el10_0
FEDORA-EPEL-2024-21e104619e Packages in this update: rust-rustls-0.23.17-1.el10_0 rust-zlib-rs-0.4.0-1.el10_0 Update description: Update the rustls crate to version 0.23.17. Update the zlib-rs crate to version 0.4.0. The update...
rust-rustls-0.23.17-1.fc40 rust-zlib-rs-0.4.0-1.fc40
FEDORA-2024-632b468c59 Packages in this update: rust-rustls-0.23.17-1.fc40 rust-zlib-rs-0.4.0-1.fc40 Update description: Update the rustls crate to version 0.23.17. Update the zlib-rs crate to version 0.4.0. The update...