Security
Headlines
HeadlinesLatestCVEs

Tag

#linux

Red Hat Security Advisory 2024-8354-03

Red Hat Security Advisory 2024-8354-03 - An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a privilege escalation vulnerability.

Packet Storm
Open in Source
#vulnerability#linux#red_hat#js
Red Hat Security Advisory 2024-8353-03

Red Hat Security Advisory 2024-8353-03 - An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 8. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-8352-03

Red Hat Security Advisory 2024-8352-03 - An update for the NetworkManager-libreswan:1.2.14 module is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-8351-03

Red Hat Security Advisory 2024-8351-03 - An update for the grafana:7.3.6 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-8338-03

Red Hat Security Advisory 2024-8338-03 - An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-8327-03

Red Hat Security Advisory 2024-8327-03 - An update for grafana is now available for Red Hat Enterprise Linux 8. Issues addressed include a cross site scripting vulnerability.

Red Hat Security Advisory 2024-8312-03

Red Hat Security Advisory 2024-8312-03 - An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a privilege escalation vulnerability.

Ransomware Gangs Use LockBit's Fame to Intimidate Victims in Latest Attacks

Threat actors have been observed abusing Amazon S3 (Simple Storage Service) Transfer Acceleration feature as part of ransomware attacks designed to exfiltrate victim data and upload them to S3 buckets under their control. "Attempts were made to disguise the Golang ransomware as the notorious LockBit ransomware," Trend Micro researchers Jaromir Horejsi and Nitesh Surana said. "However, such is

OPA for Windows Vulnerability Exposes NTLM Hashes

The vulnerability affects all versions prior to v0.68.0 and highlights the risks organizations assume when consuming open source software and code.

GHSA-3vpc-4p9p-47hc: curl_cffi bundles a version of libcurl affected by High Severity vulnerability

### Summary curl_cffi is potentially affected by High Severity vulnerability (CVE-2023-38545) in libcurl<8.4.0 ### Details HIGH severity vulnerability in curl and libcurl: [announcement](https://github.com/curl/curl/discussions/12026#discussioncomment-7195548) Details are still unknown, but seems it will be a major issue as it's advertised by curl devs as "_probably the worst curl security flaw in a long time_". A patched version (8.4.0) and details will be published around 06:00 UTC on October 11. curl_cffi wheels on PyPI ship with libcurl 7.84.0 ### PoC [https://inspector.pypi.io/project/curl-cffi/0.5.10b2/packages/56/ae/eb7d39ad234f1f44650b910757d5aa696feff413d327c8328223ce78cb76/curl_cffi-0.5.10b2-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl/curl_cffi/include/curl/curlver.h](https://inspector.pypi.io/project/curl-cffi/0.5.10b2/packages/56/ae/eb7d39ad234f1f44650b910757d5aa696feff413d327c8328223ce78cb76/curl_cffi-0.5.10b2-cp37-abi3-manylinux_2_17_aarch64.manylinux2014...