Tag
#linux
SAP SAProuter suffers from an improper access control vulnerability where permitting loopback traffic can lead to unexpected behavior.
Malicious actors such as Kinsing are taking advantage of both recently disclosed and older security flaws in Oracle WebLogic Server to deliver cryptocurrency-mining malware. Cybersecurity company Trend Micro said it found the financially-motivated group leveraging the vulnerability to drop Python scripts with capabilities to disable operating system (OS) security features such as
As organizations adopt container-based ecosystems, the approach to continuous IT security and compliance must shift from traditional system security assessments to new methodologies that account for how cloud-based technologies operate. Containers enable agnosticism amongst cloud computing operating environments by packaging applications, or workloads, within a virtualized environment.
An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below allows attackers to escalate privileges via creating crafted session tokens.
XPDF v4.04 was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc.
By Deeba Ahmed The Flexlan FXA3000 and FXA2000 series LAN devices made by the Japan-based firm contain two critical vulnerabilities tracked as CVE–2022–36158 and CVE–2022–36159. This is a post from HackRead.com Read the original post: Critical Vulnerabilities Found in Devices That Provide WiFi on Airplanes
Mplayer SVN-r38374-13.0.1 is vulnerable to Memory Leak via vf.c and vf_vo.c.
A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/<> is not accessible.
Red Hat Security Advisory 2022-6542-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include file overwrite and traversal vulnerabilities.
Red Hat Security Advisory 2022-6540-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include a code execution vulnerability.