#dell

Red Hat Security Advisory 2023-1203-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, integer overflow, and use-after-free vulnerabilities.

Microsoft's Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two of which have come under active exploitation in the wild. Eight of the 80 bugs are rated Critical, 71 are rated Important, and one is rated Moderate in severity. The updates are in addition to 29 flaws the tech giant fixed in its Chromium-based Edge browser in recent weeks. The

A cross-site scripting (XSS) vulnerability in the check_login function of SIPE s.r.l WI400 between version 8 and 11 included allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the f parameter.

Prometei botnet continued its activity since Cisco Talos first reported about it in 2020. Since November 2022, we have observed Prometei improving the infrastructure components and capabilities.

Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.

Cisco’s acquisition of cloud-native firewall provider Valtix and HPE’s deal to buy SSE provider Axis Security fill gaps in their existing portfolios.

Ubuntu Security Notice 5920-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.

Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.

Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks.

Domotica Labs srl Ikon Server before v2.8.6 was discovered to contain a SQL injection vulnerability.