USN-7139-1: Apache Shiro vulnerability

Read Time:11 Second

It was discovered that Apache Shiro used a static cipher within the
“Remember Me” feature inside authentication by default. An attacker could
possibly use this issue to achieve remote code execution or obtain
sensitive information.

USN-7178-1: DPDK vulnerability

It was discovered that DPDK incorrectly handled the Vhost library checksum offload feature. An malicious guest could possibly use this...

December 19, 2024

LSN-0108-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt...

December 19, 2024

Stored XSS with Filter Bypass – blogenginev3.3.8

Posted by Andrey Stoykov on Dec 18 # Exploit Title: Stored XSS with Filter Bypass - blogenginev3.3.8 # Date: 12/2024...

December 19, 2024

[SYSS-2024-085]: Broadcom CA Client Automation – Improper Privilege Management (CWE-269)

Posted by Matthias Deeg via Fulldisclosure on Dec 18 Advisory ID: SYSS-2024-085 Product: CA Client Automation (CA DSM) Manufacturer: Broadcom...

December 19, 2024

webkitgtk-2.46.5-1.fc40

FEDORA-2024-03a1955920 Packages in this update: webkitgtk-2.46.5-1.fc40 Update description: Update to 2.46.5: Fix several crashes and rendering issues. CVE-2024-54479, CVE-2024-54502, CVE-2024-54508,...

December 19, 2024

webkitgtk-2.46.5-1.fc41

FEDORA-2024-32bc143584 Packages in this update: webkitgtk-2.46.5-1.fc41 Update description: Update to 2.46.5: Fix several crashes and rendering issues. CVE-2024-54479, CVE-2024-54502, CVE-2024-54508,...

December 19, 2024

US Organizations Still Using Kaspersky Products Despite Ban

Smashing Security podcast #398: Fake CAPTCHAs, Harmageddon, and Krispy Kreme

Mailbox Insecurity

New Malware Can Kill Engineering Processes in ICS Environments

EU Opens Door for AI Training Using Personal Data

Crypto-Hackers Steal $2.2bn as North Koreans Dominate

Recorded Future CEO Calls Russia’s “Undesirable” Listing a “Compliment”

Vulnerability Exploit Assessment Tool EPSS Exposed to Adversarial Attack

Interpol Calls for an End to “Pig Butchering” Terminology

USN-7139-1: Apache Shiro vulnerability

USN-7178-1: DPDK vulnerability

LSN-0108-1: Kernel Live Patch Security Notice

Stored XSS with Filter Bypass – blogenginev3.3.8

[SYSS-2024-085]: Broadcom CA Client Automation – Improper Privilege Management (CWE-269)

webkitgtk-2.46.5-1.fc40

webkitgtk-2.46.5-1.fc41