Security
Headlines
HeadlinesLatestCVEs

Tag

#linux

Red Hat Security Advisory 2024-5231-03

Red Hat Security Advisory 2024-5231-03 - An update for bind and bind-dyndb-ldap is now available for Red Hat Enterprise Linux 9.

Packet Storm
#vulnerability#linux#red_hat#js#ldap#auth
Debian Security Advisory 5749-1

Debian Linux Security Advisory 5749-1 - Chris Williams discovered a flaw in the handling of mounts for persistent directories in Flatpak, an application deployment framework for desktop apps. A malicious or compromised Flatpak app using persistent directories could take advantage of this flaw to access files outside of the sandbox.

OpenMetadata 1.2.3 Authentication Bypass / SpEL Injection

This Metasploit module exploits OpenMetadata versions 1.2.3 and below by chaining an API authentication bypass using JWT tokens along with a SpEL injection vulnerability to achieve arbitrary command execution.

Apache HugeGraph Gremlin Remote Code Execution

This Metasploit module exploits CVE-2024-27348, a remote code execution vulnerability that exists in Apache HugeGraph Server in versions before 1.3.0. An attacker can bypass the sandbox restrictions and achieve remote code execution through Gremlin, resulting in complete control over the server.

Red Hat Security Advisory 2024-5418-03

Red Hat Security Advisory 2024-5418-03 - An update for bind9.16 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

Ubuntu Security Notice USN-6951-2

Ubuntu Security Notice 6951-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.