USN-7007-1: Linux kernel vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a...
Microsoft Vows to Prevent Future CrowdStrike-Like Outages
Microsoft will introduce new security capabilities for solution providers outside of kernel mode, preventing events like the CrowdStrike global outage Read More
USN-7003-3: Linux kernel vulnerabilities
It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to...
ZDI-24-1224: SolarWinds Access Rights Manager JsonSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Although authentication is required to exploit this vulnerability,...
ZDI-24-1225: SolarWinds Access Rights Manager Hard-Coded Credentials Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The...
ZDI-24-1226: mySCADA myPRO Hard-Coded Credentials Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of mySCADA myPRO. Authentication is not required to exploit this vulnerability. The ZDI...
DSA-5769-1 git – security update
Multiple issues were found in Git, a fast, scalable, distributed revision control system, which may result in file overwrites outside the repository, arbitrary configuration injection...
openssl-3.2.2-7.fc41
FEDORA-2024-7d5c1bcc78 Packages in this update: openssl-3.2.2-7.fc41 Update description: Fix CVE-2024-5535: SSL_select_next_proto buffer overread Read More
Irish Data Protection Regulator to Investigate Google AI
Ireland’s Data Protection Commission launches inquiry into whether Google followed GDPR rules over AI model training Read More
WordPress plugin and theme developers told they must use 2FA
Starting October 1, WordPress plugin and theme developers must enable 2FA. This move aims to boost security and help prevent supply-chain attacks from targeting millions...