Read Time:26 Second

FEDORA-2023-25617e952a

Packages in this update:

tpm2-tss-3.2.2-1.fc37

Update description:

Fixed:

A buffer overflow in tss2-rc as CVE-2023-22745.
The drv layer in tss2-rc should have been the policy layer.
Spec deviation in Fapi_GetDescription caused description to be NULL when it should be empty string.
This is API breaking but considered a bug since it deviated from the FAPI spec.
FAPI: undefined reference to curl_url_strerror when using curl less than 7.80.0.

USN-7464-1: Jupyter Notebook vulnerability

It was discovered that Jupyter Notebook did not properly parse HTML comments under certain circumstances. An attacker could possibly use...

April 28, 2025

[IWCC 2025] CfP: 14th International Workshop on Cyber Crime – Ghent, Belgium, Aug 11-14, 2025

Posted by Artur Janicki via Fulldisclosure on Apr 26 [APOLOGIES FOR CROSS-POSTING] CALL FOR PAPERS 14th International Workshop on Cyber...

April 27, 2025

Inedo ProGet Insecure Reflection and CSRF Vulnerabilities

Posted by Daniel Owens via Fulldisclosure on Apr 26 Inedo ProGet 2024.22 and below are vulnerable to unauthenticated denial of...

April 27, 2025

Ruby on Rails Cross-Site Request Forgery

Posted by Daniel Owens via Fulldisclosure on Apr 26 Good morning. All current versions and all versions since the 2022/2023...

April 27, 2025

Microsoft “.library-ms” File / NTLM Information Disclosure (Resurrected 2025)

Posted by hyp3rlinx on Apr 26 [-] Microsoft ".library-ms" File / NTLM Information Disclosure Spoofing (Resurrected 2025) / CVE-2025-24054 [+]...

April 27, 2025

kappanhang-0-0.3.20250427gitdffb773.fc41

FEDORA-2025-eecb0ea534 Packages in this update: kappanhang-0-0.3.20250427gitdffb773.fc41 Update description: Update to git snapshot dffb773 Read More

April 27, 2025

Friday Squid Blogging: Squid Facts on Your Phone

Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes

SAP Fixes Critical Vulnerability After Evidence of Exploitation

M&S Shuts Down Online Orders Amid Ongoing Cyber Incident

Security Experts Flag Chrome Extension Using AI Engine to Act Without User Input

Cryptocurrency Thefts Get Physical

US Data Breach Lawsuits Total $155M Amid Cybersecurity Failures

Popular LLMs Found to Produce Vulnerable Code by Default

Hackers access sensitive SIM card data at South Korea’s largest telecoms company

tpm2-tss-3.2.2-1.fc37

FEDORA-2023-25617e952a

Packages in this update:

Update description:

USN-7464-1: Jupyter Notebook vulnerability

[IWCC 2025] CfP: 14th International Workshop on Cyber Crime – Ghent, Belgium, Aug 11-14, 2025

Inedo ProGet Insecure Reflection and CSRF Vulnerabilities

Ruby on Rails Cross-Site Request Forgery

Microsoft “.library-ms” File / NTLM Information Disclosure (Resurrected 2025)

kappanhang-0-0.3.20250427gitdffb773.fc41