Security
Headlines
HeadlinesLatestCVEs

Tag

#perl

Ubuntu Security Notice USN-7089-1

Ubuntu Security Notice 7089-1 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Packet Storm
Open in Source
#vulnerability#mac#google#microsoft#ubuntu#linux#dos#perl#samba#amd
Developer Velocity & Security: Can You Get Out of the Way in Time?

When a CISO can articulate risk in context to the business as a whole, development teams can better prioritize their activities.

New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites

Cybersecurity researchers have disclosed a new phishing kit that has been put to use in campaigns targeting Australia, Japan, Spain, the U.K., and the U.S. since at least September 2024. Netcraft said more than 2,000 phishing websites have been identified the kit, known as Xiū gǒu, with the offering used in attacks aimed at a variety of verticals, such as public sectors, postal, digital services

GHSA-hhhv-ggjx-q9j2: Glossarizer Cross-site Scripting vulnerability

Glossarizer through 1.5.2 improperly tries to convert text into HTML. Even though the application itself escapes special characters (e.g., <>), the underlying library converts these encoded characters into legitimate HTML, thereby possibly causing stored XSS. Attackers can append a XSS payload to a word that has a corresponding glossary entry.

NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities

Cisco Talos' Vulnerability Research team recently discovered five Nvidia out-of-bounds access vulnerabilities in shader processing, as well as eleven LevelOne router vulnerabilities spanning a range of possible exploits. For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our

‘We’re a Fortress Now’: The Militarization of US Elections Is Here

From bulletproof glass, drones, and snipers to boulders blocking election offices, the US democratic system is bracing for violent attacks in 2024.

ABB Cylon Aspect 3.08.01 jsonProxy.php Cross Site Scripting

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated reflected cross-site scripting vulnerability. Input passed to the GET parameters query and application is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user's browser session in context of an affected site.

Red Hat Security Advisory 2024-8617-03

Red Hat Security Advisory 2024-8617-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.

Red Hat Security Advisory 2024-8614-03

Red Hat Security Advisory 2024-8614-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer and use-after-free vulnerabilities.