AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300, SRG3300 Security Vulnerabilities

redhat

(RHSA-2024:2784) Important: OpenShift Container Platform 4.12.57 security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.57. See the following advisory for the container...

7.3 AI Score

0.0005 EPSS

2024-05-16 06:16 PM

talosblog

Rounding up some of the major headlines from RSA

While I one day wish to make it to the RSA Conference in person, I've never had the pleasure of making the trek to San Francisco for one of the largest security conferences in the U.S. Instead, I had to watch from afar and catch up on the internet every day like the common folk. This at least...

7.6 AI Score

0.001 EPSS

2024-05-16 06:00 PM

redhat

(RHSA-2024:2782) Important: OpenShift Container Platform 4.12.57 security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.57. See the following advisory for the RPM...

7.6 AI Score

0.037 EPSS

2024-05-16 05:58 PM

rapid7blog

See a Sneak Peek of Tuesday’s Take Command Summit

In just a few short days, some of the best minds in cybersecurity will come together at Take Command to discuss the most pressing challenges and opportunities we face as an industry. The sessions include in-depth discussions on attacker trends and behaviors, a look into the Rapid7 SOC, top guest...

7.4 AI Score

2024-05-16 05:51 PM

github

REXML contains a denial of service vulnerability

Impact The REXML gem before 3.2.6 has a DoS vulnerability when it parses an XML that has many `<`s

7 AI Score

0.0004 EPSS

2024-05-16 05:44 PM

osv

REXML contains a denial of service vulnerability

Impact The REXML gem before 3.2.6 has a DoS vulnerability when it parses an XML that has many `<`s

6.8 AI Score

0.0004 EPSS

2024-05-16 05:44 PM

ibm

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has addressed these vulnerabilities in updates. Vulnerability Details ** CVEID: CVE-2024-20952 DESCRIPTION: **An unspecified vulnerability in Java SE related to the Security component could allow a remote attacker to cause high confidentiality impact and high...

8.1 AI Score

0.002 EPSS

2024-05-16 05:15 PM

ibm

Security Bulletin: IBM Security Guardium is affected by a Kernel vulnerability (CVE-2023-3609)

Summary IBM Security Guardium has addressed this vulnerability in an update. Vulnerability Details ** CVEID: CVE-2023-3609 DESCRIPTION: **Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the net/sched: cls_u32...

6.9 AI Score

0.0004 EPSS

2024-05-16 05:14 PM

osv

CVE-2024-35176

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many `<`s

0.0004 EPSS

2024-05-16 04:15 PM

cve

CVE-2024-35176

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many `<`s

5.3 CVSS

7.3 AI Score

0.0004 EPSS

2024-05-16 04:15 PM

redhat

(RHSA-2024:2781) Moderate: OpenShift Container Platform 4.12.57 security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.57. See the following advisory for the container...

7.2 AI Score

0.037 EPSS

2024-05-16 04:06 PM

cvelist

CVE-2024-35176 REXML contains a denial of service vulnerability

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many `<`s

5.3 AI Score

0.0004 EPSS

2024-05-16 03:13 PM

qualysblog

How the Qualys Enterprise TruRisk™ Platform Supports CISA Vulnrichment

Introduction In today's interconnected digital landscape, cybersecurity threats pose significant risks to organizations across various sectors. Recognizing the need for a structured approach to identify, prioritize, and address vulnerabilities, the Cybersecurity and Infrastructure Security Agency...

6.9 AI Score

2024-05-16 03:03 PM

qualysblog

TotalCloud Container Security Best Practices

Qualys Container Security (CS), an integral part of TotalCloud 2.0, provides a comprehensive view of the security posture of containerized applications. Operationalizing a new technology tool in an enterprise often presents its own challenges. This blog seeks to help the operations team...

7.1 AI Score

2024-05-16 02:00 PM

wizblog

The magic of inclusion: Wiz’s journey to democratize cloud security

Empowering every cloud security stakeholder by eliminating...

7.3 AI Score

2024-05-16 01:34 PM

malwarebytes

Deleted iPhone photos show up again after iOS update

iPhone owners are reporting that photos they'd deleted are now back on their phones, after updating to iOS 17.5. With so many users reporting similar oddities, it would seem something went wrong, or at least different than to be expected. Here are some examples from Reddit: “When in conversation...

6.9 AI Score

2024-05-16 01:06 PM

wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 6, 2024 to May 12, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 180 vulnerabilities disclosed in 142...

8.2 AI Score

0.001 EPSS

2024-05-16 01:04 PM

talosblog

Talos releases new macOS open-source fuzzer

Cisco Talos has developed a fuzzer that enables us to test macOS software on commodity hardware. The fuzzer utilizes a snapshot-based fuzzing approach and is based on the WhatTheFuzz framework. Support for VM state extraction was implemented and WhatTheFuzz was extended to support the loading of VMWare...

6.6 AI Score

2024-05-16 12:00 PM

ics

Siemens SIMATIC RTLS Locating Manager

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |...

9.2 AI Score

0.009 EPSS

2024-05-16 12:00 PM

malwarebytes

Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it

More and more websites and services are making multi-factor authentication (MFA) mandatory, which makes it much harder for cybercriminals to access your accounts. That's a great thing. But as security evolves, so do cybercriminals who are always looking for new ways to scam us. A type of phishing...

7.5 AI Score

2024-05-16 11:45 AM

redhat

(RHSA-2024:2891) Moderate: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): mod_http2: httpd: CONTINUATION frames DoS (CVE-2024-27316) mod_http2: reset requests exhaust memory (incomplete fix of CVE-2023-44487) (CVE-2023-45802) For more details...

7.5 AI Score

0.72 EPSS

2024-05-16 11:37 AM

redhat

(RHSA-2024:2890) Important: bind and dhcp security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The...

6.7 AI Score

0.037 EPSS

2024-05-16 11:37 AM

redhat

(RHSA-2024:2889) Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fix(es): gnutls: potential crash during chain building/verification (CVE-2024-28835) gnutls: vulnerable to Minerva...

5.9 AI Score

0.0005 EPSS

2024-05-16 11:35 AM

redhat

(RHSA-2024:2888) Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.11.0. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private browsing mode (CVE-2024-4767) firefox:...

7.2 AI Score

2024-05-16 11:25 AM

redhat

(RHSA-2024:2887) Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.11.0 ESR. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private...

7.3 AI Score

2024-05-16 11:24 AM

redhat

(RHSA-2024:2886) Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.11.0 ESR. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private...

7.3 AI Score

2024-05-16 11:24 AM

redhat

(RHSA-2024:2885) Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.11.0 ESR. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private...

7.3 AI Score

2024-05-16 11:24 AM

redhat

(RHSA-2024:2884) Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.11.0 ESR. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private...

7.3 AI Score

2024-05-16 11:24 AM

redhat

(RHSA-2024:2883) Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.11.0 ESR. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private...

7.3 AI Score

2024-05-16 11:24 AM

redhat

(RHSA-2024:2882) Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.11.0 ESR. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private...

7.3 AI Score

2024-05-16 11:23 AM

redhat

(RHSA-2024:2881) Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.11.0 ESR. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private...

7.3 AI Score

2024-05-16 11:11 AM

ibm

Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service and HTTP request smuggling due to Node.js (CVE-2024-27983 & CVE-2024-27982)

Summary IBM App Connect Enterprise is vulnerable to a denial of service and HTTP request smuggling due to Node.js. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-27983 DESCRIPTION: **Node.js is vulnerable to a denial of service,...

6.7 AI Score

0.0004 EPSS

2024-05-16 10:02 AM

github

Weights and Biases (wandb) has a Server-Side Request Forgery (SSRF) vulnerability

A Server-Side Request Forgery (SSRF) vulnerability exists in the wandb/wandb repository due to improper handling of HTTP 302 redirects. This issue allows team members with access to the 'User settings -> Webhooks' function to exploit this vulnerability to access internal HTTP(s) servers. In seve...

8.1 AI Score

2024-05-16 09:33 AM

osv

Weights and Biases (wandb) has a Server-Side Request Forgery (SSRF) vulnerability

A Server-Side Request Forgery (SSRF) vulnerability exists in the wandb/wandb repository due to improper handling of HTTP 302 redirects. This issue allows team members with access to the 'User settings -> Webhooks' function to exploit this vulnerability to access internal HTTP(s) servers. In seve...

7.8 AI Score

2024-05-16 09:33 AM

cve

CVE-2024-4642

A Server-Side Request Forgery (SSRF) vulnerability exists in the wandb/wandb repository due to improper handling of HTTP 302 redirects. This issue allows team members with access to the 'User settings -> Webhooks' function to exploit this vulnerability to access internal HTTP(s) servers. In seve...

7.7 CVSS

8.3 AI Score

2024-05-16 09:15 AM

cvelist

CVE-2024-4642 SSRF due to bad 302 redirect handling in wandb/wandb

A Server-Side Request Forgery (SSRF) vulnerability exists in the wandb/wandb repository due to improper handling of HTTP 302 redirects. This issue allows team members with access to the 'User settings -> Webhooks' function to exploit this vulnerability to access internal HTTP(s) servers. In seve...

8 AI Score

2024-05-16 09:03 AM

cve

CVE-2024-4844

Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator (ePO) on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database encryption key. This was...

7.5 CVSS

7.2 AI Score

0.0004 EPSS

2024-05-16 07:15 AM

cve

CVE-2024-4843

ePO doesn't allow a regular privileged user to delete tasks or assignments. Insecure direct object references that allow a least privileged user to manipulate the client task and client task assignments, hence escalating his/her...

4.3 CVSS

7.3 AI Score

0.0004 EPSS

2024-05-16 06:15 AM

ibm

Security Bulletin: AIX is vulnerable to arbitrary command execution due to invscout (CVE-2024-27260)

Summary A vulnerability in the AIX invscout command could allow a non-privileged local user to execute arbitrary commands (CVE-2024-27260). Vulnerability Details ** CVEID: CVE-2024-27260 DESCRIPTION: **IBM AIX could allow a non-privileged local user to exploit a vulnerability in the invscout...

7.3 AI Score

0.0004 EPSS

2024-05-16 12:04 AM

openvas

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1666)

The remote host is missing an update for the Huawei...

7.1 AI Score

0.002 EPSS

2024-05-16 12:00 AM

openvas

Huawei EulerOS: Security Advisory for mdadm (EulerOS-SA-2024-1659)

The remote host is missing an update for the Huawei...

7.5 AI Score

0.0004 EPSS

2024-05-16 12:00 AM

openvas

Huawei EulerOS: Security Advisory for shim-signed (EulerOS-SA-2024-1667)

The remote host is missing an update for the Huawei...

7.1 AI Score

0.001 EPSS

2024-05-16 12:00 AM

openvas

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2024-1646)

The remote host is missing an update for the Huawei...

7.2 AI Score

0.001 EPSS

2024-05-16 12:00 AM

openvas

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2024-1662)

The remote host is missing an update for the Huawei...

7.5 AI Score

0.0004 EPSS

2024-05-16 12:00 AM

f5

K000139652: Intel CPU vulnerability CVE-2023-23583

Security Advisory Description Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. (CVE-2023-23583) Impact...

6.5 AI Score

0.0004 EPSS

2024-05-16 12:00 AM

openvas

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-1650)

The remote host is missing an update for the Huawei...

7.2 AI Score

0.001 EPSS

2024-05-16 12:00 AM

openvas

Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2024-1661)

The remote host is missing an update for the Huawei...

7.2 AI Score

0.002 EPSS

2024-05-16 12:00 AM

f5

K000139630: Expat vulnerability CVE-2023-52425

Security Advisory Description libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. (CVE-2023-52425) Impact An attacker may be able to cause an increase in memory...

6 AI Score

0.001 EPSS

2024-05-16 12:00 AM

openvas

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-1655)

The remote host is missing an update for the Huawei...

7.2 AI Score

0.001 EPSS

2024-05-16 12:00 AM

openvas

Ubuntu: Security Advisory (USN-6766-2)

The remote host is missing an update for...

7.1 AI Score

0.0005 EPSS

2024-05-16 12:00 AM

Total number of security vulnerabilities: 358815