#web

Red Hat Security Advisory 2023-7508-01 - An update for firefox is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-7507-01 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-7506-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-7505-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-7504-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-7503-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.

By Deeba Ahmed The victim company, Gellyberry Studios, an independent game studio, developed Ethyrial: Echoes of Yore. This is a post from HackRead.com Read the original post: Ethyrial: Echoes of Yore Hit by Ransomware, Player Accounts Deleted

As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl are common, organizations face increased risks of non-compliance and unauthorized data breaches. Sentra's DSPM (Data Security Posture Management) emerges as a comprehensive solution, offering continuous discovery and accurate classification of sensitive data in the cloud.

Cybersecurity researchers have detailed a "severe design flaw" in Google Workspace's domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate privilege escalation and obtain unauthorized access to Workspace APIs without super admin privileges. "Such exploitation could result in theft of emails from Gmail, data exfiltration from Google Drive, or other

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: InfraSuite Device Master Vulnerabilities: Path Traversal, Deserialization of Untrusted Data, Exposed Dangerous Method or Function. 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code and obtain plaintext credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Delta Electronics products are affected: InfraSuite Device Master: Versions 1.0.7 and prior 3.2 Vulnerability Overview 3.2.1 PATH TRAVERSAL CWE-35 In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution. CVE-2023-46690 has been assigned to this vulnerability. A CVSS v3.1 base score of 8.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H...