Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Google Urged to Stop Tracking Location Data Ahead of Roe Reversal

Lawmakers argue Android phone data could be “weaponized against women” if the US Supreme Court officially overturns abortion protections.

Wired
Open in Source
#android#mac#apple#google#git#wifi
RHSA-2022:4712: Red Hat Security Advisory: RHV Engine and Host Common Packages security update

Updated dependency packages for ovirt-engine and ovirt-host that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24302: python-paramiko: Race condition in the write_private_key_file function

RHSA-2022:4764: Red Hat Security Advisory: RHV RHEL Host (ovirt-host) [ovirt-4.5.0] security update

Updated host packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0207: vdsm: disclosure of sensitive values in log files

CVE-2022-21827: Citrix Gateway Plug-in for Windows Security Bulletin for CVE-2022-21827

An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) <21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM.

The FDA's New Cybersecurity Guidance for Medical Devices Reminds Us That Safety & Security Go Hand in Hand

The new draft guidance on premarket submissions incorporates quality system regulations and doubles down on a life-cycle approach to product security.

VMware, Airline Targeted as Ransomware Chaos Reigns

Global ransomware incidents target everything from enterprise servers to grounding an airline, with one India-based group even taking a Robin Hood approach to extortion with the "GoodWill" strain.

ChromeOS usbguard Bypass

ChromeOS uses usbguard when the screen is locked but appears to suffer from bypass issues.

CVE-2022-30789

A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.

Big Cyber Hits on GM, Chicago Public Schools, & Zola Showcase the Password Problem

Credential-stuffing attacks against online accounts are still popular, and they work thanks to continuing password reuse.

CVE-2021-40317: [11.5.0]SQL Injection Vulnerability · Issue #1470 · Piwigo/Piwigo

Piwigo 11.5.0 is affected by a SQL injection vulnerability via admin.php and the id parameter.