Metabase Information Disclosure Vulnerability (CVE-2021-41277)
What is the attack? FortiGuard Labs observes widespread attack attempts targeting a three-year-old Metabase vulnerability (CVE-2021-41277) detected by more than 30,000 sensors. Successful exploitation could lead...
USN-7072-2: Linux kernel (GKE) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the...
USN-7062-2: libgsf vulnerabilities
USN-7062-1 fixed vulnerabilities in libgsf. This update provides the corresponding updates for Ubuntu 24.10. Original advisory details: It was discovered that libgsf incorrectly handled certain...
USN-7042-3: cups-browsed vulnerability
USN-7042-2 released an improved fix for cups-browsed. This update provides the corresponding update for Ubuntu 24.10. Original advisory details: Simone Margaritelli discovered that cups-browsed could...
SEC Consult SA-20241015-0 :: Multiple Vulnerabilities in Rittal IoT Interface & CMC III Processing Unit (CVE-2024-47943, CVE-2024-47944, CVE-2024-47945)
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 20. No message preview for long message of 359314 bytes.
CVE-2024-48939: Unauthorized enabling of API in Paxton Net2 software
Posted by Jeroen Hermans via Fulldisclosure on Oct 20. CloudAware Security Advisory CVE-2024-48939: Unauthorized enabling of API in Paxton Net2 software. Summary: Bypass...
USN-7077-1: AMD Microcode vulnerability
Enrique Nissim and Krzysztof Okupski discovered that some AMD processors did not properly restrict access to the System Management Mode (SMM) configuration when the SMM...
DSA-5794-1 openjdk-17 – security update
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure. https://security-tracker.debian.org/tracker/DSA-5794-1
DSA-5795-1 python-sql – security update
Cedric Krier discovered that python-sql, a library to write SQL queries in a pythonic way, performed insufficient sanitising which could result in SQL injection. https://security-tracker.debian.org/tracker/DSA-5795-1...
DSA-5793-1 chromium – security update
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. https://security-tracker.debian.org/tracker/DSA-5793-1