Security
Headlines
HeadlinesLatestCVEs

Tag

#vulnerability

SQLite3 generate_series Stack Buffer Underflow

SQLite3 suffers from a stack buffer underflow condition in seriesBestIndex in the generate_series extension.

Packet Storm
Open in Source
#sql#vulnerability#google
Red Hat Security Advisory 2024-8425-03

Red Hat Security Advisory 2024-8425-03 - Red Hat OpenShift Container Platform release 4.15.37 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.

Google: Big Sleep AI Agent Puts SQLite Software Bug to Bed

A research tool by the company found a vulnerability in the SQLite open source database, demonstrating the "defensive potential" for using LLMs to find vulnerabilities in applications before they're publicly released.

Hackers Claim Access to Nokia Internal Data, Selling for $20,000

Hackers claim to have breached Nokia through a third-party contractor, allegedly stealing SSH keys, source code, and internal…

Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning

Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft. "Collectively, the vulnerabilities could allow an attacker to carry out a wide-range of malicious actions with a single HTTP request, including

GHSA-752q-72qc-rc66: Apache Kylin Session Fixation vulnerability

Session Fixation vulnerability in Apache Kylin. This issue affects Apache Kylin: from 2.0.0 through 4.x. Users are recommended to upgrade to version 5.0.0 or above, which fixes the issue.

GHSA-q3rp-vvm7-j8jg: Safearchive Path Traversal vulnerability

There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems (e.g., NTFS). This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 - Nov 03)

This week was a total digital dumpster fire! Hackers were like, "Let's cause some chaos!" and went after everything from our browsers to those fancy cameras that zoom and spin. (You know, the ones they use in spy movies? 🕵️‍♀️) We're talking password-stealing bots, sneaky extensions that spy on you, and even cloud-hacking ninjas! 🥷 It's enough to make you want to chuck your phone in the ocean.

Cyber Threats That Could Impact the Retail Industry This Holiday Season (and What to Do About It)

As the holiday season approaches, retail businesses are gearing up for their annual surge in online (and in-store) traffic. Unfortunately, this increase in activity also attracts cybercriminals looking to exploit vulnerabilities for their gain.  Imperva, a Thales company, recently published its annual holiday shopping cybersecurity guide. Data from the Imperva Threat Research team’s

Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine

Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep (formerly Project Naptime). The tech giant described the development as the "first real-world vulnerability" uncovered using the artificial intelligence (AI) agent. "We believe this is the first public example of an AI agent finding