Security
Headlines
HeadlinesLatestCVEs

Tag

#linux

LofyGang Uses 100s of Malicious NPM Packages to Poison Open Source Software

The group has been operating for over a year, promoting their tools in hacking forums, stealing credit card information, and using typosquatting techniques to target open source software flaws.

DARKReading
#web#google#linux#nodejs#js#git#backdoor#perl#auth
Red Hat Security Advisory 2022-6838-01

Red Hat Security Advisory 2022-6838-01 - Expat is a C library for parsing XML documents. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2022-6839-01

Red Hat Security Advisory 2022-6839-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

Red Hat Security Advisory 2022-6850-01

Red Hat Security Advisory 2022-6850-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6831-01

Red Hat Security Advisory 2022-6831-01 - Expat is a C library for parsing XML documents. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2022-6832-01

Red Hat Security Advisory 2022-6832-01 - Expat is a C library for parsing XML documents. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2022-6834-01

Red Hat Security Advisory 2022-6834-01 - Expat is a C library for parsing XML documents. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2022-6833-01

Red Hat Security Advisory 2022-6833-01 - Expat is a C library for parsing XML documents. Issues addressed include a use-after-free vulnerability.

Hashicorp Boundary Clickjacking

Hashicorp Boundary versions prior to 0.9.1 suffer from a clickjacking vulnerability.

WordPress Zephyr Project Manager 3.2.42 SQL Injection

WordPress Zephyr Project Manager plugin version 3.2.42 suffers from a remote SQL injection vulnerability.