Security
Headlines
HeadlinesLatestCVEs

Tag

#web

Gentoo Linux Security Advisory 202405-04

Gentoo Linux Security Advisory 202405-4 - Multiple vulnerabilities have been discovered in systemd, the worst of which can lead to a denial of service. Versions greater than or equal to 252.4 are affected.

Packet Storm
Open in Source
#vulnerability#web#mac#linux#dos
Gentoo Linux Security Advisory 202405-03

Gentoo Linux Security Advisory 202405-3 - A vulnerability has been discovered in Dalli, which can lead to code injection. Versions greater than or equal to 3.2.3 are affected.

Red Hat Security Advisory 2024-2700-03

Red Hat Security Advisory 2024-2700-03 - An update for varnish is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a denial of service vulnerability.

Gentoo Linux Security Advisory 202405-02

Gentoo Linux Security Advisory 202405-2 - Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution. Versions greater than or equal to 6.9.13.0 are affected.

Critical Cybersecurity Loopholes Found in Paris 2024 Olympics Infrastructure

By Deeba Ahmed Paris 2024 Olympics face cybersecurity threats. Outpost24 analysis reveals open ports, SSL misconfigurations, and more. Can the organizers secure the Games in time? Read for critical insights and potential consequences. This is a post from HackRead.com Read the original post: Critical Cybersecurity Loopholes Found in Paris 2024 Olympics Infrastructure

Fully Offline Electronic Cash: Is It an Intractable Problem?

By Daily Contributors Is truly offline offline electronic Cash possible? Unlike Bitcoin, experts dig deeper into the technical hurdles of creating software-based cash that works without the internet. Discover why achieving this might be a tougher nut to crack than expected. This is a post from HackRead.com Read the original post: Fully Offline Electronic Cash: Is It an Intractable Problem?

A Checklist for What Every Online Coding Class for Kids Needs

By Uzair Amir Is your coding class engaging and effective? Learn what makes the best online coding classes for kids fun, effective, and future-proof! This is a post from HackRead.com Read the original post: A Checklist for What Every Online Coding Class for Kids Needs

A New Surveillance Tool Invades Border Towns

Plus: An assassination plot, an AI security bill, a Project Nimbus revelation, and more of the week’s top security news.

New Goldoon Botnet Targeting D-Link Devices by Exploiting 9-Year-Old Flaw

By Waqas A new botnet called Goldoon targets D-Link routers and NAS devices putting them at risk of DDoS attacks and more. Learn how weak credentials leave you vulnerable and how to secure your network. pen_spark This is a post from HackRead.com Read the original post: New Goldoon Botnet Targeting D-Link Devices by Exploiting 9-Year-Old Flaw

GHSA-g7vv-2v7x-gj9p: tqdm CLI arguments injection attack

### Impact Any optional non-boolean CLI arguments (e.g. `--delim`, `--buf-size`, `--manpath`) are passed through python's `eval`, allowing arbitrary code execution. Example: ```sh python -m tqdm --manpath="\" + str(exec(\"import os\nos.system('echo hi && killall python3')\")) + \"" ``` ### Patches https://github.com/tqdm/tqdm/commit/4e613f84ed2ae029559f539464df83fa91feb316 released in `tqdm>=4.66.3` ### Workarounds None ### References - https://github.com/tqdm/tqdm/releases/tag/v4.66.3