USN-7141-1: oFono vulnerabilities

Read Time:12 Second

It was discovered that oFono incorrectly handled decoding SMS messages
leading to a stack overflow. A remote attacker could potentially use
this issue to cause a denial of service.
(CVE-2023-2794, CVE-2023-4233, CVE-2023-4234)

perl-5.40.2-518.fc42

FEDORA-2025-30244ebfc7 Packages in this update: perl-5.40.2-518.fc42 Update description: Fixes CVE-2025-40909 - Clone dirhandles without fchdir Read More

July 10, 2025

perl-5.40.2-516.fc41

FEDORA-2025-f142899732 Packages in this update: perl-5.40.2-516.fc41 Update description: Fixes CVE-2025-40909 - Clone dirhandles without fchdir Read More

July 10, 2025

Tiki Wiki CMS Groupware <= 28.3 Two Server-Side Template Injection Vulnerabilities

Posted by Egidio Romano on Jul 09 ---------------------------------------------------------------------------------- Tiki Wiki CMS Groupware <= 28.3 Two Server-Side Template Injection Vulnerabilities ----------------------------------------------------------------------------------...

July 10, 2025

KL-001-2025-011: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request Forgery

Posted by KoreLogic Disclosures via Fulldisclosure on Jul 09 KL-001-2025-011: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request...

July 9, 2025

KL-001-2025-010: Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation

Posted by KoreLogic Disclosures via Fulldisclosure on Jul 09 KL-001-2025-010: Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation Title:...

July 9, 2025

KL-001-2025-009: Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution

Posted by KoreLogic Disclosures via Fulldisclosure on Jul 09 KL-001-2025-009: Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution...

July 9, 2025

Smashing Security podcast #425: Call of Duty: From pew-pew to pwned

As Texas floods, so does the internet – with dangerous lies

Ransomware Attack Stops Nova Scotia Power Meter Readings

AiLock ransomware: What you need to know

Microsoft Patch Tuesday: One Zero-Day and A Potential ‘Wormable’ Flaw

Yet Another Strava Privacy Leak

Chinese State-Sponsored Hacker Charged Over COVID-19 Research Theft

MacOS Infostealer AMOS Evolves with Backdoor for Persistent Access

M&S Chair Details Ransomware Attack, Declines to Confirm if Payment Was Made

USN-7141-1: oFono vulnerabilities

perl-5.40.2-518.fc42

perl-5.40.2-516.fc41

Tiki Wiki CMS Groupware <= 28.3 Two Server-Side Template Injection Vulnerabilities

KL-001-2025-011: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request Forgery

KL-001-2025-010: Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation

KL-001-2025-009: Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution