USN-6530-2: HAProxy vulnerability
Seth Manesse and Paul Plasil discovered that HAProxy incorrectly handled URI components containing the hash character (#). A remote attacker could possibly use this issue...
USN-6911-1: Nova vulnerability
Arnaud Morin discovered that Nova incorrectly handled certain raw format images. An authenticated user could use this issue to access arbitrary files on the server,...
USN-6907-1: Squid vulnerability
Joshua Rogers discovered that Squid did not properly handle multi-byte characters during Edge Side Includes (ESI) processing. A remote attacker could possibly use this issue...
USN-6909-1: Bind vulnerabilities
It was discovered that Bind incorrectly handled a flood of DNS messages over TCP. A remote attacker could possibly use this issue to cause Bind...
USN-6908-1: Tomcat vulnerabilities
It was discovered that the Tomcat SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform...
USN-6898-4: Linux kernel vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A...
USN-6893-3: Linux kernel vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged...
USN-6896-5: Linux kernel vulnerabilities
It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker...
Threat Actors leveraging the recent CrowdStrike update outage
DescriptionFortiGuard Labs is aware of the campaigns used by threat actors to spread malware, using phishing and scams to take advantage of the recent widespread...
ZDI-24-957: (0Day) Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute...