USN-5835-4: Cinder vulnerability

Read Time:21 Second

USN-5835-1 fixed vulnerabilities in Cinder. This update provides the
corresponding updates for Ubuntu 18.04 LTS. In addition, a regression was
fixed for Ubuntu 20.04 LTS.

Original advisory details:

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou
discovered that Cinder incorrectly handled VMDK image processing. An
authenticated attacker could possibly supply a specially crafted VMDK flat
image and obtain arbitrary files from the server containing sensitive
information.

A Vulnerability in SolarWinds Access Rights Manager Could Allow for Privilege Escalation

A vulnerability has been discovered in SolarWinds Access Rights Manager that could allow for privilege escalation. Successful exploitation of this...

May 15, 2024

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful...

May 15, 2024

USN-6766-2: Linux kernel vulnerabilities

It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations...

May 15, 2024

git-2.45.1-1.fc39

FEDORA-2024-4c06645f07 Packages in this update: git-2.45.1-1.fc39 Update description: update to 2.45.1 Read More

May 15, 2024

git-2.45.1-1.fc40

FEDORA-2024-ecba8476e2 Packages in this update: git-2.45.1-1.fc40 Update description: update to 2.45.1 Read More

May 15, 2024

ZDI-24-456: NI FlexLogger FLXPROJ File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI FlexLogger. User interaction is required to...

May 15, 2024

Generated by Feedzy

Cyber Security News

Smashing Security podcast #372: The fake deepfake, and Estate insecurity

Cyber-Attack Disrupts Christie’s $840M Art Auctions

PDF Exploitation Targets Foxit Reader Users

Why You Need a Personal VPN

NCSC Expands Election Cybersecurity to Safeguard Candidates and Officials

How To Spot A Fake Facebook Account

Google Expands Synthetic Content Watermarking Tool to AI-Generated Text

Santander Customer Data Compromised Following Third-Party Breach

Current Market Forces Disincentivizing Cybersecurity, Says NCSC CTO

A Vulnerability in SolarWinds Access Rights Manager Could Allow for Privilege Escalation

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

USN-6766-2: Linux kernel vulnerabilities

git-2.45.1-1.fc39

git-2.45.1-1.fc40

ZDI-24-456: NI FlexLogger FLXPROJ File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability