Category Archives: Advisories

Christoper L. Shannon discovered that the implementation of the OpenWire
protocol in Apache ActiveMQ was susceptible to the execution of
arbitrary code.

https://security-tracker.debian.org/tracker/DSA-5798-1

Advisories

python-single-version-1.6.0-1.fc40

October 25, 2024

Read Time:6 Second

FEDORA-2024-e82145eb25

Packages in this update:

python-single-version-1.6.0-1.fc40

Update description:

Initial import

Advisories

SEC Consult SA-20241024-0 :: Unauthenticated Path Traversal Vulnerability in Lawo AG – vsm LTC Time Sync (vTimeSync) (CVE-2024-6049)

October 25, 2024

Read Time:17 Second

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 24

SEC Consult Vulnerability Lab Security Advisory < 20241024-0 >
=======================================================================
title: Unauthenticated Path Traversal Vulnerability
product: Lawo AG – vsm LTC Time Sync (vTimeSync)
vulnerable version: <4.5.6.0
fixed version: 4.5.6.0
CVE number: CVE-2024-6049
impact: high
homepage:…

Advisories

[RESEARCH] DTLS ‘ClientHello’ Race Conditions in WebRTC Implementations

October 25, 2024

Read Time:19 Second

Posted by Sandro Gauci via Fulldisclosure on Oct 24

Dear Full Disclosure community,

We’ve released a white paper detailing a critical vulnerability affecting multiple WebRTC implementations: “DTLS
‘ClientHello’ Race Conditions in WebRTC Implementations”.

White paper: https://www.enablesecurity.com/research/webrtc-hello-race-conditions-paper.pdf

Key points:

1. Vulnerability: Failure to properly verify the origin of DTLS “ClientHello” messages in WebRTC…

Advisories

Adversary3 updated with 700 malware and C2 panel vulnerabilities

October 25, 2024

Read Time:10 Second

Posted by malvuln on Oct 24

Adversary3 malware vulnerability intel tool for third-party attackers
living off malware (LOM), updated with 700 malware and C2 panel
vulnerabilities

https://github.com/malvuln/Adversary3

Thanks,
malvuln

Advisories

DSA-5797-1 twisted – security update

October 25, 2024

Read Time:11 Second

Multiple security issues were found in Twisted, an event-based framework
for internet applications, which could result in incorrect ordering of
HTTP requests or cross-site scripting.

https://security-tracker.debian.org/tracker/DSA-5797-1

Advisories

DSA-5796-1 libheif – security update

October 25, 2024

Read Time:12 Second

Multiple security issues were found in libheif, a library to parse HEIF
and AVIF files, which could result in denial of service or potentially
the execution of arbitrary code.

https://security-tracker.debian.org/tracker/DSA-5796-1

Advisories

mysql8.0-8.0.40-1.fc41

October 24, 2024

Read Time:11 Second

FEDORA-2024-9bef6cc6d4

Packages in this update:

mysql8.0-8.0.40-1.fc41

Update description:

MySQL 8.0.40

Release notes:

https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-40.html

Advisories

mysql8.0-8.0.40-1.fc40

October 24, 2024

Read Time:11 Second

FEDORA-2024-0c1c9227e5

Packages in this update:

mysql8.0-8.0.40-1.fc40

Update description:

MySQL 8.0.40

Release notes:

https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-40.html

Cyber Security News

Category Archives: Advisories

python-quart-0.19.8-1.fc41

FEDORA-2024-2f78bf0769

Packages in this update:

Update description:

0.19.8 2024-10-25

0.19.7 2024-10-25

DSA-5798-1 activemq – security update

python-single-version-1.6.0-1.fc40

FEDORA-2024-e82145eb25

Packages in this update:

Update description:

SEC Consult SA-20241024-0 :: Unauthenticated Path Traversal Vulnerability in Lawo AG – vsm LTC Time Sync (vTimeSync) (CVE-2024-6049)

[RESEARCH] DTLS ‘ClientHello’ Race Conditions in WebRTC Implementations

Adversary3 updated with 700 malware and C2 panel vulnerabilities

DSA-5797-1 twisted – security update

DSA-5796-1 libheif – security update

mysql8.0-8.0.40-1.fc41

FEDORA-2024-9bef6cc6d4

Packages in this update:

Update description:

mysql8.0-8.0.40-1.fc40

FEDORA-2024-0c1c9227e5

Packages in this update:

Update description:

News, Advisories and much more