Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wordpress-seo domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114
[Vulnerability description]
A NULL pointer dereference in the component /X11/xedit/lisp of Xedit v1.2.3 allows attackers to cause a Denial of
Service (DoS) via a crafted lisp.lsp file.
[Vulnerability description]
freedesktop Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function
dri2GetGlxDrawableFromXDrawableId(). This vulnerability is triggered when the X11 server sends an
DRI2_BufferSwapComplete event unexpectedly when the application is using DRI3.
I think that building a tool that quite facilitates the scraping work of
the data presented by the Prometheus metrics, perhaps it is possible to
make the team that develops it becomes aware of the existing need to
protect them from their core.
23/01/2024:
– Google (search engine): ~ 1832 servers with exposed metrics
– Shodan ~ 7320 servers with exposed metrics
Searching the web for `javascript fork malloc bomb` returns results,
e.g. [here][1]: and [here][2]:
We got a javascript fork malloc bomb which crashed Chrome 121 on linux
with SIGILL and about one in five runs the virtual machine freezes.
SIGILL almost always is a sign of memory corruption 🙂
On android it crashes the current tab without explanation.
Firefox 121 on linux also crashes the current tab.
Posted by Apple Product Security via Fulldisclosure on Jan 26
APPLE-SA-01-22-2024-7 macOS Monterey 12.7.3
macOS Monterey 12.7.3 addresses the following issues.
Information about the security content is also available at https://support.apple.com/kb/HT214057.
Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Accessibility
Available for: macOS Monterey
Impact: An app may be able to access sensitive user data…
Posted by Apple Product Security via Fulldisclosure on Jan 26
APPLE-SA-01-22-2024-6 macOS Ventura 13.6.4
macOS Ventura 13.6.4 addresses the following issues.
Information about the security content is also available at https://support.apple.com/kb/HT214058.
Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Apple Neural Engine
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with…