#web

Ubuntu Security Notice 7039-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Red Hat Security Advisory 2024-7164-03 - The Migration Toolkit for Containers 1.8.4 is now available. Issues addressed include denial of service and password leak vulnerabilities.

Ubuntu Security Notice 7036-1 - It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an application using Rack, a remote attacker could possibly use this issue to cause a denial of service. It was discovered that Rack was not properly escaping untrusted data when performing logging operations, which could cause shell escaped sequences to be written to a terminal. If a user or automated system were tricked into sending a specially crafted request to an application using Rack, a remote attacker could possibly use this issue to execute arbitrary code in the machine running the application.

SchoolPlus version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

School Log Management System version 1.0 suffers from a PHP code injection vulnerability.

School Dormitory Management System version 1.0 suffers from an ignored default credential vulnerability.

Restaurant POS version 1.0 suffers from a remote SQL injection vulnerability.

A major cyberattack targeting Wi-Fi networks at UK railway stations, including London Euston and Manchester Piccadilly, has caused…

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker's Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted a top Russian cybercriminal known as Taleon, whose cryptocurrency exchange Cryptex has evolved into one of Russia's most active money laundering networks.

Many spammers have elected to attack web pages and mail servers of legitimate organizations, so they may use these “pirated” resources to send unsolicited email.