Security
Headlines
HeadlinesLatestCVEs

Tag

#google

Craft CMS 4.4.14 Code Injection

Craft CMS version 4.4.14 suffers from a PHP code injection vulnerability.

Packet Storm
Open in Source
#vulnerability#web#windows#google#php#auth#firefox
Chamilo 1.11.18 Code Injection

Chamilo version 1.11.18 suffers from a PHP code injection vulnerability.

Artica Proxy 4.40 Code Injection

Artica Proxy version 4.40 suffers from a code injection vulnerability that provides a reverse shell.

Octo2 Malware Uses Fake NordVPN, Chrome Apps to Infect Android Devices

Octo2 malware is targeting Android devices by disguising itself as popular apps like NordVPN and Google Chrome. This…

Palo Alto Networks GlobalProtect Local Privilege Escalation

Palo Alto Networks GlobalProtect versions 5.1.x, 5.2.x, 6.0.x, 6.1.x, 6.3.x and versions less than 6.2.5 suffer from a local privilege escalation vulnerability.

Android GKI Kernels Use-After-Free

Android GKI kernels contain broken non-upstream Speculative Page Faults MM code that can lead to use-after-free conditions.

AI-Powered Cybercrime Cartels on the Rise in Asia

All across the Asia-Pacific region, large and diverse marketplaces for AI cybercrime tools have developed, with deepfakes proving most popular.

Google Launches Data-Sharing Initiative to Fight Fraud

Global Signal Exchange will act as a global clearing house for online scams and fraud signals.

GHSA-q8hx-mm92-4wvg: wasmtime has a runtime crash when combining tail calls with trapping imports

### Impact Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtime crash is a deterministic process abort when Wasmtime is compiled with Rust 1.81 and later. [WebAssembly tail calls](https://github.com/webassembly/tail-call) are a proposal which relatively recently reached stage 4 in the [standardization process](https://github.com/WebAssembly/proposals/). Wasmtime first enabled support for tail calls by default [in Wasmtime 21.0.0](https://github.com/bytecodealliance/wasmtime/pull/8540), although that release contained a bug where it was only on-by-default for some configurations. In [Wasmtime 22.0.0](https://github.com/bytecodealliance/wasmtime/pull/8682) tail calls were enabled by default for all configurations. The specific crash happens when an exported function in a WebAssembly module (or ...

Lamborghini Carjackers Lured by $243M Cyberheist

The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later, while out house-hunting in a brand new Lamborghini. Prosecutors say the couple was beaten and briefly kidnapped by six young men who traveled from Florida as part of a botched plan to hold the parents for ransom.