DSA-5064 python-nbxmpp – security update
It was discovered that missing input sanitising in python-nbxmpp, a Jabber/XMPP Python library, could result in denial of service in clients based on it (such...
Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution.
Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. iOS is a mobile operating system...
Critical VMware vCenter Server vulnerability (CVE-2021-22005) being exploited in the wild
FortiGuard Labs is aware that VMware disclosed a critical vulnerability (CVE-2021-22005) on September 21st, 2021 that affects vCenter Server versions 6.7 and 7.0. A malicious...
Multiple Agency Announcement on APT Actors Exploiting Zoho ManageEngine ADSelfService Plus (AA21-259A)
On September 16th, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and United States Coast Guard Cyber Command (CGCYBER) released...
GLSA 202201-01: Polkit: Local privilege escalation
Post Content Read More
A Vulnerability in Polkit’s pkexec Component Could Allow For Local Privilege Escalation
A vulnerability in Polkit's pkexec component could allow for local privilege escalation. Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating...
DSA-5063 uriparser – security update
Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers (URIs), which may result in denial of service or potentially in the...
A Vulnerability in F5Networks BIG-IP Could Allow for Denial of Service
A vulnerability has been discovered in F5Networks BIG-IP, which could result in a denial-of-service (DoS). BIG-IP is a family of products covering software and hardware...
DSA-5062 nss – security update
Tavis Ormandy discovered that incorrect parsing of pkcs7 sequences in nss, the Mozilla Network Security Service library, may result in denial of service. Read More
DSA-5061 wpewebkit – security update
The following vulnerabilities have been discovered in the wpewebkit web engine: Read More