Security
Headlines
HeadlinesLatestCVEs

Tag

#linux

Red Hat Security Advisory 2024-0254-03

Red Hat Security Advisory 2024-0254-03 - An update for rsync is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a buffer over-read vulnerability.

Packet Storm
Open in Source
#vulnerability#linux#red_hat#js
Red Hat Security Advisory 2024-0253-03

Red Hat Security Advisory 2024-0253-03 - An update for sqlite is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-0252-03

Red Hat Security Advisory 2024-0252-03 - An update for krb5 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass and cross site request forgery vulnerabilities.

Patch management needs a revolution, part 2: The flood of vulnerabilities

This is the second part of Vincent Danen’s “Patch management needs a revolution” series. The first post can be read here.When I started working in the security field over 20 years ago, CVE (Common Vulnerabilities and Exposures) had just been created. In 1999, MITRE, a US-based Federally Funded Research and Development Corporation (FFRDC) was established to advance national security, creating the CVE program as a way of cataloging vulnerabilities so that any single vulnerability could be distinguished from another. It was a few years before it gained wider adoption and longer yet to be co

3 Ransomware Group Newcomers to Watch in 2024

The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 4,368 cases.  Figure 1: Year over year victims per quarter The rollercoaster ride from explosive growth in 2021 to a momentary dip in 2022 was just a teaser—2023 roared back with the same fervor as 2021, propelling existing groups and ushering in a wave of formidable

Gentoo Linux Security Advisory 202401-18

Gentoo Linux Security Advisory 202401-18 - A vulnerability has been found in zlib that can lead to a heap-based buffer overflow. Versions greater than or equal to 1.2.13-r2 are affected.

Gentoo Linux Security Advisory 202401-17

Gentoo Linux Security Advisory 202401-17 - A vulnerability has been found in libgit2 which could result in privilege escalation. Versions greater than or equal to 1.4.4 are affected.

Korenix JetNet Series Unauthenticated Access

Korenix JetNet Series allows TFTP without authentication and also allows for unauthenticated firmware upgrades.

Forescout Report Uncovers New Details in Danish Energy Hack

By Deeba Ahmed The attacks, potentially linked to Russian APT Sandworm, exploited vulnerabilities in Zyxel firewalls. This is a post from HackRead.com Read the original post: Forescout Report Uncovers New Details in Danish Energy Hack

High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners

Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners that, if successfully exploited, could allow attackers to execute arbitrary code on affected systems. Romanian cybersecurity firm Bitdefender, which discovered the flaw in Bosch BCC100 thermostats last August, said the issue could be weaponized by an attacker to