This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-4885.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-4884.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-5008.
Johannes Kuhn discovered that messages and channel names are not
properly escaped in the modtcl module in ZNC, a IRC bouncer, which could
result in remote code execution via specially crafted messages.
Proofpoint highlighted how smishing, impersonation and spam are eroding trust in mobile messaging
The move follows a series of reported compliance failures and lack of progress in addressing publicly disclosed incidents
Comparitech calculated that the average ransom demand was over $5.2m in the first six months of 2024, with 421 confirmed incidents during this period
Reynir Björnsson discovered that OpenVPN incorrectly handled terminating
client connections. A remote authenticated client could possibly use this
issue to keep the connection active, bypassing certain security policies.
This issue only affected Ubuntu 23.10, and Ubuntu 24.04 LTS.
(CVE-2024-28882)
Reynir Björnsson discovered that OpenVPN incorrectly handled certain
control channel messages with nonprintable characters. A remote attacker
could possibly use this issue to cause OpenVPN to consume resources, or
fill up log files with garbage, leading to a denial of service.
(CVE-2024-5594)
Find out why AI is stupid, what Toys “R” Us has done that’s even more annoying than putting that “R” in its name, why Graham Cluley has an angry AI girlfriend, and much much more in episode five of “The AI Fix” podcast
onnx-1.14.1-3.fc40
Security fix for CVE-2024-5187
