Security
Headlines
HeadlinesLatestCVEs

Tag

#web

Red Hat Security Advisory 2023-5967-01

Red Hat Security Advisory 2023-5967-01 - An update for collectd-libpod-stats and etcd is now available for Red Hat OpenStack Platform 16.1.9. Issues addressed include a denial of service vulnerability.

Packet Storm
Open in Source
#vulnerability#web#red_hat#ddos#dos#js
Red Hat Security Advisory 2023-5965-01

Red Hat Security Advisory 2023-5965-01 - An update for collectd-libpod-stats and etcd is now available for Red Hat OpenStack Platform 16.2.5. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-5964-01

Red Hat Security Advisory 2023-5964-01 - An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 16.2.5. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-5715-01

Red Hat Security Advisory 2023-5715-01 - An update for the nginx:1.20 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-5712-01

Red Hat Security Advisory 2023-5712-01 - An update for the nginx:1.20 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Contractor Database Leak Exposes 500K Irish Police Vehicle Seizure Records

By Waqas This marks the fourth data security incident to affect a UK police department in 2023. This is a post from HackRead.com Read the original post: Contractor Database Leak Exposes 500K Irish Police Vehicle Seizure Records

CVE-2023-46315: Require secret key configuration when enabling gradio auth by zanllp · Pull Request #368 · zanllp/sd-webui-infinite-image-browsing

The zanllp sd-webui-infinite-image-browsing (aka Infinite Image Browsing) extension before 977815a for stable-diffusion-webui (aka Stable Diffusion web UI), if Gradio authentication is enabled without secret key configuration, allows remote attackers to read any local file via /file?path= in the URL, as demonstrated by reading /proc/self/environ to discover credentials.

CVE-2023-46306

The web administration interface in NetModule Router Software (NRSW) 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters in the /admin/gnssAutoAlign.php device_id parameter. This occurs because another thread can be started before the trap that triggers the cleanup function. A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges. NOTE: this is different from CVE-2023-0861 and CVE-2023-0862, which were fixed in version 4.6.0.105.

What is the Dark Web, Search Engines, and What Not to Do on the Dark Web

By Waqas In this article, we will delve deeper into what is the dark web, exploring its definition, the top… This is a post from HackRead.com Read the original post: What is the Dark Web, Search Engines, and What Not to Do on the Dark Web

CVE-2023-38735: Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities

IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 262482.