Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

Red Hat Security Advisory 2024-3920-03

Red Hat Security Advisory 2024-3920-03 - Migration Toolkit for Runtimes 1.2.6 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include a password leak vulnerability.

Packet Storm
Open in Source
#vulnerability#web#ios#red_hat#js
Update now! Google Pixel vulnerability is under active exploitation

Google revealed that a firmware vulnerability in its Pixel devices has been under limited active exploitation

Pakistani Hacking Team 'Celestial Force' Spies on Indian Gov't, Defense

Against a backdrop of political conflict, a years-long cyber-espionage campaign in South Asia is coming to light.

CVE-2024-30057: Microsoft Edge for iOS Spoofing Vulnerability

**According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?** The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site.

IPsec performance on Red Hat Enterprise Linux 9: A performance analysis of AES-GCM

Testing environmentIn this performance analysis, we investigate various configurations and testing scenarios to showcase IPsec throughput on the latest RHEL 9 platform. Our choice of a modern multicore CPU and the latest stable RHEL aims to represent today's technological capabilities.Hardware configurationDual socket of 28 cores each Intel 4th Generation Xeon Scalable ProcessorHyper-threading enabled (two sockets with 56 logical cores each)Directly connected high-speed 100Gbit Intel E810 network cardsSoftware informationDistribution: RHEL-9.4.0Kernel: 5.14.0-427.13.1.el9_4.x86_64NetworkManage

Nvidia Patches High-Severity Flaws in GPU Drivers

Nvidia's latest GPUs are a hot commodity for AI, but security vulnerabilities could expose them to attacks from hackers.

GHSA-hjx6-f647-mvf9: Invenio-Communities has a Cross-Site Scripting (XSS) vulnerability in React components

# Impact We have identified a Cross-Site Scripting (XSS) vulnerability within certain React components related to community members in the Invenio-Communities module. This vulnerability enables a user to inject a script tag into the Affiliations field during the account registration process. The malicious script is executed when the user creates a new community and is listed as a public member. The script is triggered whenever any user visits the Members section of any community that includes the compromised user. This can potentially allow the attacker to access personal information, such as cookies, of the visiting user. # Patches The problem has been patched in [v7.8.0](https://github.com/inveniosoftware/invenio-communities/releases/tag/v7.8.0). Patches also have been backported in versions [v4.2.2](https://github.com/inveniosoftware/invenio-communities/tree/v4.2.2) and [v2.8.11](https://github.com/inveniosoftware/invenio-communities/tree/v2.8.11). # Credits Thanks to [Twitter....

Why CIO & CISO Collaboration Is Key to Organizational Resilience

Alignment between these domains is quickly becoming a strategic imperative.

Apple Security Advisory 06-10-2024-1

Apple Security Advisory 06-10-2024-1 - visionOS 1.2 addresses bypass, code execution, integer overflow, out of bounds access, out of bounds read, and out of bounds write vulnerabilities.

Oracle Database Password Hash Unauthorized Access

Oracle Database versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c allows for unauthorized access to password hashes by an account with the DBA role.