[R1] Nessus 10.1.0 Fixes One Third-Party Vulnerability
Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (Underscore.js) was found to contain a vulnerability, and an updated version...
DSA-5065 ipython – security update
It was discovered that IPython, an enhanced interactive Python shell, executed config files from the current working directory, which could result in cross-user attacks if...
GLSA 202201-02: Chromium, Google Chrome: Multiple vulnerabilities
Post Content Read More
DSA-5064 python-nbxmpp – security update
It was discovered that missing input sanitising in python-nbxmpp, a Jabber/XMPP Python library, could result in denial of service in clients based on it (such...
Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution.
Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. iOS is a mobile operating system...
Critical VMware vCenter Server vulnerability (CVE-2021-22005) being exploited in the wild
FortiGuard Labs is aware that VMware disclosed a critical vulnerability (CVE-2021-22005) on September 21st, 2021 that affects vCenter Server versions 6.7 and 7.0. A malicious...
Multiple Agency Announcement on APT Actors Exploiting Zoho ManageEngine ADSelfService Plus (AA21-259A)
On September 16th, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and United States Coast Guard Cyber Command (CGCYBER) released...
GLSA 202201-01: Polkit: Local privilege escalation
Post Content Read More
A Vulnerability in Polkit’s pkexec Component Could Allow For Local Privilege Escalation
A vulnerability in Polkit's pkexec component could allow for local privilege escalation. Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating...
DSA-5063 uriparser – security update
Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers (URIs), which may result in denial of service or potentially in the...