Security
Headlines
HeadlinesLatestCVEs

Tag

#bios

Hacker Leaks 35 Million Scraped LinkedIn User Records

By Waqas The hacker responsible for this leak is the same individual who previously leaked databases from InfraGard and Twitter. This is a post from HackRead.com Read the original post: Hacker Leaks 35 Million Scraped LinkedIn User Records

HackRead
#web#ios#mac#git#bios#auth
CVE-2022-44569: Ivanti Automation 2023.4 Release Notes

A locally authenticated attacker with low privileges can bypass authentication due to insecure inter-process communication.

Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover

As many as 34 unique vulnerable Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers could be exploited by non-privileged threat actors to gain full control of the devices and execute arbitrary code on the underlying systems. "By exploiting the drivers, an attacker without privilege may erase/alter firmware, and/or elevate [operating system] privileges," Takahiro Haruyama, a

CVE-2023-3397: Linux Kernel: [PATCH] fs/jfs: Add a mutex named txEnd_lmLogClose_mutex to prevent a race condition between txEnd and lmLogClose functions

A race condition occurred between the functions lmLogClose and txEnd in JFS, in the Linux Kernel, executed in different threads. This flaw allows a local attacker with normal user privileges to crash the system or leak internal kernel information.

CVE-2023-26300: Certain HP PC products - BIOS Password Unlock

A potential security vulnerability has been identified in the system BIOS for certain HP PC products which might allow escalation of privilege. HP is releasing firmware updates to mitigate the potential vulnerability.

CVE-2023-40791: LKML: Yikebaer Aizezi: WARNING in try_grab_page

extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.2 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page.

CVE-2023-5409: HP t430 and t638 Thin Clients - Firmware Tampering Vulnerability

HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers to reduce exposure to the potential vulnerability.

Brands Beware: X's New Badge System Is a Ripe Cyber-Target

Scammers have targeted the vaunted blue check marks on the platform formerly known as Twitter, smearing individuals and brands alike.

RHSA-2023:5587: Red Hat Security Advisory: virt:rhel security update

An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40284: A buffer overflow flaw was found in NTFS-3G. This issue occurs via a crafted metadata in an NTFS image that can cause code execution. A local attacker can exploit this issue i...

Red Hat Security Advisory 2023-5405-01

Red Hat Security Advisory 2023-5405-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow and code execution vulnerabilities.