Security
Headlines
HeadlinesLatestCVEs

Tag

#ssl

Ubuntu Security Notice USN-6059-1

Ubuntu Security Notice 6059-1 - It was discovered that Erlang did not properly implement TLS client certificate validation during the TLS handshake. A remote attacker could use this issue to bypass client authentication.

Packet Storm
#vulnerability#ubuntu#perl#auth#ssl
Ransomware review: May 2023

LockBit maintained its position as the top ransomware attacker and was also observed expanding into the Mac space. (Read more...) The post Ransomware review: May 2023 appeared first on Malwarebytes Labs.

CVE-2023-29944: GitHub - metersphere/metersphere: MeterSphere 是一站式开源持续测试平台,覆盖测试管理、接口测试、UI 测试和性能测试等。搞测试,就选 MeterSphere!

Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed at the custom code snippet function of the metersphere system workbench

CVE-2023-32290: mailbox.org discovers unencrypted password transmission in myMail | mailbox.org

The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is expected by a server.

Transferring WhatsApp Data Between Android and iPhone [2023]

By ghostadmin When you transfer data from an Android to an iOS device, the Move to an iOS app is… This is a post from HackRead.com Read the original post: Transferring WhatsApp Data Between Android and iPhone [2023]

Debian Security Advisory 5399-1

Debian Linux Security Advisory 5399-1 - Several vulnerabilities were discovered in odoo, a suite of web based open source business apps.

Red Hat Security Advisory 2023-2122-01

Red Hat Security Advisory 2023-2122-01 - Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network.

Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Compromised

PHP software package repository Packagist revealed that an "attacker" gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. "The attacker forked each of the packages and replaced the package description in composer.json with their own message but did not otherwise make any malicious changes," Packagist's Nils Adermann said

CVE-2023-30550: Release v2.9.0 · metersphere/metersphere

MeterSphere is an open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing, and performance testing. This IDOR vulnerability allows the administrator of a project to modify other projects under the workspace. An attacker can obtain some operating permissions. The issue has been fixed in version 2.9.0.

Red Hat Security Advisory 2023-2107-01

Red Hat Security Advisory 2023-2107-01 - The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. Issues addressed include a denial of service vulnerability.