Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

CVE-2021-3998: security - CVE-2021-3998 and CVE-2021-3999 in glibc's realpath() and getcwd()

A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.

CVE
Open in Source
#vulnerability#web#mac#windows#ubuntu#linux#red_hat#git#php#c++#buffer_overflow#auth
CVE-2021-4209: Null pointer dereference in MD_UPDATE (#1306) · Issues · gnutls / GnuTLS · GitLab

A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.

Unusual Microsoft 365 Phishing Campaign Spoofs eFax Via Compromised Dynamics Voice Account

In a widespread campaign, threat actors use a compromised Dynamics 365 Customer Voice business account and a link posing as a survey to steal Microsoft 365 credentials.

Nearly 3 Years Later, SolarWinds CISO Shares 3 Lessons From the Infamous Attack

SolarWinds CISO Tim Brown explains how organizations can prepare for eventualities like the nation-state attack on his company’s software.

Acronis' Midyear Cyberthreats Report Finds Ransomware Is the No. 1 Threat to Organizations, Projects Damages to Exceed $30 Billion by 2023

Increasing complexity in IT continues to lead to breaches and compromises, highlighting the need for more holistic approaches to cyber protection.

CVE-2022-36633: GitHub - gravitational/teleport: The easiest, most secure way to access infrastructure.

Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a user in a social engineering attack. This is fully unauthenticated attack utilizing the trusted teleport server to deliver the payload.

Ubuntu Security Notice USN-5578-1

Ubuntu Security Notice 5578-1 - It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root privileges inside the virtual machine.

Red Hat Security Advisory 2022-6103-01

Red Hat Security Advisory 2022-6103-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.1.

CVE-2022-27812: SNS : risk of DOS on SNS firewall

Flooding SNS firewall 3.7.0 to 3.7.26 with udp or icmp randomizing the source through an internal to internal or external to internal interfaces will lead the firewall to overwork. It will consume 100% CPU, 100 RAM and won't be available and can crash.

How to secure a Mac for your kids

Categories: Explained Categories: Personal Tags: Mac Tags: Parental Controls Tags: Screen Time If you want to know how to secure your Mac so your kids can use it safely, we're here to help. (Read more...) The post How to secure a Mac for your kids appeared first on Malwarebytes Labs.