IT threat evolution Q1 2024 (series: IT threat evolution Q1 2024; Mobile statistics; Non-mobile statistics). Targeted attacks. Operation Triangulation: the final mystery. Last June, we published a series of reports on Operation Triangulation, a previously unknown iOS malware...
EPSS: 0.003
IT threat evolution in Q1 2024. Non-mobile statistics
IT threat evolution Q1 2024 (series: IT threat evolution Q1 2024; Mobile statistics; Non-mobile statistics). The statistics presented here are based on detection verdicts by Kaspersky products and services received from users who consented to providing statistical data. Quarterly.....
Multiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below, version 7.2.7 and below, version 7.0.10 and below, version 6.4.3 and below, version 6.3.23 and below may allow an authenticated attacker to perform unauthorized ADOM operations via crafted...
A URL redirection to untrusted site ('open redirect') in Fortinet FortiAuthenticator version 6.6.0, version 6.5.3 and below, version 6.4.9 and below may allow an attacker to redirect users to an arbitrary website via a crafted...
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or...
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or...
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or...
dahaboo.com Cross Site Scripting vulnerability OBB-3932630
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
In the Linux kernel, the following vulnerability has been resolved: "i40e: fix vf may be used uninitialized in this function warning". To fix the regression introduced by commit 52424f974bc5, which causes servers hang in very hard to reproduce conditions with resets races. Using two sources for the...
A client-side enforcement of server-side security in Fortinet FortiPortal version 6.0.0 through 6.0.14 allows attacker to improper access control via crafted HTTP...
An improper removal of sensitive information before storage or transfer vulnerability [CWE-212] in FortiSOAR version 7.3.0, version 7.2.2 and below, version 7.0.3 and below may allow an authenticated low privileged user to read Connector passwords in plain-text via HTTP...
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiWeb version 7.4.0, version 7.2.4 and below, version 7.0.8 and below, 6.3 all versions may allow an authenticated attacker to read password hashes of other administrators via CLI...
CVE-2024-36963 tracefs: Reset permissions on remount if permissions are options
In the Linux kernel, the following vulnerability has been resolved: "tracefs: Reset permissions on remount if permissions are options". There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...
(RHSA-2024:3545) Important: nodejs security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): nodejs: HTTP Request Smuggling via Content Length Obfuscation (CVE-2024-27982); nodejs: CONTINUATION frames DoS (CVE-2024-27983). For more...
EPSS: 0.0004
(RHSA-2024:3543) Moderate: python-idna security and bug fix update
Security Fix(es): python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode()...
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1793)
The remote host is missing an update for the Huawei...
EPSS: 0.003
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1791)
The remote host is missing an update for the Huawei...
EPSS: 0.0005
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2024-1786)
The remote host is missing an update for the Huawei...
EPSS: 0.001
Huawei EulerOS: Security Advisory for linux-sgx (EulerOS-SA-2024-1804)
The remote host is missing an update for the Huawei...
EPSS: 0.002
EPSS: 0.007
EPSS: 0.005
EPSS: 0.001
EPSS: 0.001
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2024-1796)
The remote host is missing an update for the Huawei...
EPSS: 0.037
Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2024-1805)
The remote host is missing an update for the Huawei...
EPSS: 0.0004
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2024-1798)
The remote host is missing an update for the Huawei...
EPSS: 0.001
EPSS: 0.0005
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1787)
The remote host is missing an update for the Huawei...
EPSS: 0.0005
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1788)
The remote host is missing an update for the Huawei...
EPSS: 0.003
Huawei EulerOS: Security Advisory for less (EulerOS-SA-2024-1801)
The remote host is missing an update for the Huawei...
EPSS: 0.0004
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1800)
The remote host is missing an update for the Huawei...
EPSS: 0.003
EPSS: 0.0004
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1797)
The remote host is missing an update for the Huawei...
EPSS: 0.02
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1785)
The remote host is missing an update for the Huawei...
EPSS: 0.02
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1783)
The remote host is missing an update for the Huawei...
EPSS: 0.037
Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1790)
The remote host is missing an update for the Huawei...
EPSS: 0.001
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1795)
The remote host is missing an update for the Huawei...
EPSS: 0.037
Huawei EulerOS: Security Advisory for less (EulerOS-SA-2024-1789)
The remote host is missing an update for the Huawei...
EPSS: 0.0004
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1807)
The remote host is missing an update for the Huawei...
EPSS: 0.037
Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2024-1792)
The remote host is missing an update for the Huawei...
EPSS: 0.0004
Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1802)
The remote host is missing an update for the Huawei...
EPSS: 0.001
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1799)
The remote host is missing an update for the Huawei...
EPSS: 0.0005
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1803)
The remote host is missing an update for the Huawei...
EPSS: 0.0005
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2024-1784)
The remote host is missing an update for the Huawei...
EPSS: 0.037
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1794)
The remote host is missing an update for the Huawei...
EPSS: 0.037
EPSS: 0.0004
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1806)
The remote host is missing an update for the Huawei...
EPSS: 0.003
Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the parsing of...
Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the header parsing...