Security
Headlines
HeadlinesLatestCVEs

Tag

#ssl

OpenSSL: From FIPS 140-2 upstream to 140-3 downstream

<h3>Red Hat Enterprise Linux 9.0 and OpenSSL 3.0</h3> <p>During the development of Red Hat Enterprise Linux (RHEL) 9, we decided to switch to OpenSSL 3.0 even though we were not sure that it would be finalized early enough. This decision was made to significantly reduce our maintenance burden during the 10+ years of RHEL 9 support.</p> <p>One of the anticipated changes in OpenSSL 3.0 was the new provider model. The provider that we were particularly interested in was the one implementing Federal Information Processing

Red Hat Blog
Open in Source
#vulnerability#ios#mac#linux#red_hat#git#perl#auth#ssl
CVE-2022-46449: MPD crashes on windows when large input is submitted · Issue #1676 · MusicPlayerDaemon/MPD

An issue in MPD (Music Player Daemon) v0.23.10 allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2022-38482: HOPEX Platform

A link-manipulation issue was discovered in Mega HOPEX 15.2.0.6110 before V5CP4.

65% of Organizations Plan to Adopt a Security Service Edge Platform in Next 2 Years: Axis Security

2023 Security Service Edge (SSE) Adoption Report finds that SSE technology addresses key pain points including much-needed solution consolidation, transition to hybrid work and need for hardened security.

US school district sues Facebook, Instagram, Snapchat, TikTok over harm to kids

Categories: News Tags: Facebook Tags: Instagram Tags: Snapchat Tags: TikTok Tags: YouTube Tags: Section 230 Tags: Seattle Public School Tags: SPS Tags: Meta Tags: Alphabet Tags: Snap Tags: ByteDance A whole school district in Seattle is suing social media giants for causing harm to kids and youths. (Read more...) The post US school district sues Facebook, Instagram, Snapchat, TikTok over harm to kids appeared first on Malwarebytes Labs.

Expert Analysis Reveals Cryptographic Weaknesses in Threema Messaging App

A comprehensive analysis of the cryptographic protocols used in the Swiss encrypted messaging application Threema has revealed a number of loopholes that could be exploited to break authentication protections and even recover users' private keys. The seven attacks span three different threat models, according to ETH Zurich researchers Kenneth G. Paterson, Matteo Scarlata, and Kien Tuong Truong,

Red Hat Security Advisory 2023-0045-01

Red Hat Security Advisory 2023-0045-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include out of bounds access and use-after-free vulnerabilities.

Latest Firmware Flaws in Qualcomm Snapdragon Need Attention

The issue concerns the boot layer of ARM chips, which are driving a low-power mobile ecosystem that includes 5G smartphones and base stations.

CVE-2022-46603: GitHub - 10cks/inkdropPoc: inkdrop XSS to RCE Poc

An issue in Inkdrop v5.4.1 allows attackers to execute arbitrary commands via uploading a crafted markdown file.