Security
Headlines
HeadlinesLatestCVEs

Tag

#sap

How Donald Trump Could Weaponize US Surveillance in a Second Term

Donald Trump has vowed to go after political enemies, undocumented immigrants, and others if he wins. Experts warn he could easily turn the surveillance state against his targets.

Wired
Open in Source
#intel#sap
The Unusual Espionage Act Case Against a Drone Photographer

In seemingly the first case of its kind, the US Justice Department has charged a Chinese national with using a drone to photograph a Virginia shipyard where the US Navy was assembling nuclear submarines.

GHSA-4rmg-292m-wg3w: Smarty vulnerable to PHP Code Injection by malicious attribute in extends-tag

### Impact Template authors could inject php code by choosing a malicous file name for an extends-tag. Users that cannot fully trust template authors should update asap. ### Patches Please upgrade to the most recent version of Smarty v4 or v5. There is no patch for v3.

Siemens CP-XXXX Series Exposed Serial Shell

Siemens CP-XXXX Series (CP-2014, CP-2016, CP-2017, CP-2019, CP-5014) expose serial shells on multiple PLCs. A serial interface can be accessed with physical access to the PCB. After connecting to the interface, access to a shell with various debug functions as well as a login prompt is possible. The hardware is no longer produced nor offered to the market.

Debian Security Advisory 5698-1

Debian Linux Security Advisory 5698-1 - Multiple security issues were found in Rack, an interface for developing web applications in Ruby, which could result in denial of service.

How FHE Technology Is Making End-to-End Encryption a Reality

By Uzair Amir Is End-to-End Encryption (E2EE) a Myth? Traditional encryption has vulnerabilities. Fully Homomorphic Encryption (FHE) offers a new hope… This is a post from HackRead.com Read the original post: How FHE Technology Is Making End-to-End Encryption a Reality

Red Hat Security Advisory 2024-3323-03

Red Hat Security Advisory 2024-3323-03 - An update for pcp is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Google Detects 4th Chrome Zero-Day in May Actively Under Attack - Update ASAP

Google on Thursday rolled out fixes to address a high-severity security flaw in its Chrome browser that it said has been exploited in the wild. Assigned the CVE identifier CVE-2024-5274, the vulnerability relates to a type confusion bug in the V8 JavaScript and WebAssembly engine. It was reported by Clément Lecigne of Google's Threat Analysis Group and Brendon Tiszka of

WhatsApp Engineers Fear Encryption Flaw Exposes User Data, Memo

By Deeba Ahmed Is your WhatsApp privacy a myth? New reports reveal a vulnerability that could expose who you message to government agents. This is a post from HackRead.com Read the original post: WhatsApp Engineers Fear Encryption Flaw Exposes User Data, Memo

Red Hat Security Advisory 2024-3309-03

Red Hat Security Advisory 2024-3309-03 - An update for glibc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include buffer overflow, code execution, null pointer, and out of bounds write vulnerabilities.