Latest News

WordPress Poll 2.3.6 SQL Injection

WordPress Poll plugin version 2.3.6 suffers from a remote SQL injection vulnerability.

Packet Storm
Debian Security Advisory 5726-1

Debian Linux Security Advisory 5726-1 - Two vulnerabilities were discovered in the GSS message token handling in krb5, the MIT implementation of Kerberos. An attacker can take advantage of these flaws to bypass integrity protections or cause a denial of service.

Ubuntu Security Notice USN-6884-1

Ubuntu Security Notice 6884-1 - Martin Kaesberger discovered that Nova incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information.

Ubuntu Security Notice USN-6883-1

Ubuntu Security Notice 6883-1 - Martin Kaesberger discovered that Glance incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information.

Ubuntu Security Notice USN-6882-1

Ubuntu Security Notice 6882-1 - Martin Kaesberger discovered that Cinder incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information.

Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites

An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material (CSAM), indicating how such information could be used to combat serious crimes. "Approximately 3,300 unique users were found with accounts on known CSAM sources," Recorded Future said in a proof-of-concept (PoC) report published last week.

VMware Aria Operations For Networks Command Injection

VMware Aria Operations for Networks (vRealize Network Insight) is vulnerable to command injection when accepting user input through the Apache Thrift RPC interface. This is a proof of concept exploit.

Veeam Backup Enterprise Manager Authentication Bypass

Veeam Backup Enterprise Manager authentication bypass proof of concept exploit. Versions prior to 12.1.2.172 are vulnerable.

Veeam Recovery Orchestrator Authentication Bypass

Veeam Recovery Orchestrator authentication bypass proof of concept exploit.

Telerik Report Server Deserialization / Authentication Bypass

Telerik Report Server deserialization and authentication bypass exploit chain that makes use of the vulnerabilities noted in CVE-2024-4358 and CVE-2024-1800.