Read Time:7 Second
Russian-made spyware BoneSpy and PlainGnome target former Soviet states, while public security bureaus in mainland China use Chinese surveillance tool EagleMsgSpy
Insurance Worker Sentenced After Illegally Accessing Claimants’ Data
Read Time:4 Second
An insurance employee has been handed a suspended sentence after illegally accessing personal information
glibc-2.40-14.fc41
Read Time:12 Second
FEDORA-2024-846e191001
Packages in this update:
glibc-2.40-14.fc41
Update description:
This update addresses a security vulnerability in the getrandom and arc4random implementation (CVE-2024-12455) on POWER systems (pcpc64le). Other architectures are not affected.
Three-Quarters of Security Leaders Admit Gaps in Hardware Knowledge
Read Time:6 Second
HP Wolf reveals that 79% of IT security decision makers are lacking in crucial hardware and firmware expertise
chromium-131.0.6778.139-1.el10_0
Read Time:12 Second
FEDORA-EPEL-2024-ed082ef765
Packages in this update:
chromium-131.0.6778.139-1.el10_0
Update description:
Update to 131.0.6778.139
High CVE-2024-12381: Type Confusion in V8
High CVE-2024-12382: Use after free in Translate
chromium-131.0.6778.139-1.el9
Read Time:12 Second
FEDORA-EPEL-2024-306ebea6f6
Packages in this update:
chromium-131.0.6778.139-1.el9
Update description:
Update to 131.0.6778.139
High CVE-2024-12381: Type Confusion in V8
High CVE-2024-12382: Use after free in Translate
chromium-131.0.6778.139-1.el8
Read Time:12 Second
FEDORA-EPEL-2024-60f7d4fb00
Packages in this update:
chromium-131.0.6778.139-1.el8
Update description:
Update to 131.0.6778.139
High CVE-2024-12381: Type Confusion in V8
High CVE-2024-12382: Use after free in Translate
chromium-131.0.6778.139-1.fc41
Read Time:12 Second
FEDORA-2024-ccaff13d21
Packages in this update:
chromium-131.0.6778.139-1.fc41
Update description:
Update to 131.0.6778.139
High CVE-2024-12381: Type Confusion in V8
High CVE-2024-12382: Use after free in Translate
chromium-131.0.6778.139-1.fc40
Read Time:12 Second
FEDORA-2024-162a4dfe4f
Packages in this update:
chromium-131.0.6778.139-1.fc40
Update description:
Update to 131.0.6778.139
High CVE-2024-12381: Type Confusion in V8
High CVE-2024-12382: Use after free in Translate
USN-7108-2: AsyncSSH vulnerabilities
Read Time:32 Second
USN-7108-1 fixed vulnerabilities in AysncSSH. This update provides the
corresponding update for Ubuntu 18.04 LTS.
Original advisory details:
Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that AsyncSSH
did not properly handle the extension info message. An attacker able to
intercept communications could possibly use this issue to downgrade
the algorithm used for client authentication. (CVE-2023-46445)
Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that AsyncSSH
did not properly handle the user authentication request message. An
attacker could possibly use this issue to control the remote end of an SSH
client session via packet injection/removal and shell emulation.
(CVE-2023-46446)