RHEL 8 : libreoffice (RHSA-2024:1480)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1480 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...
8.8 CVSS
9.2 AI Score
0.001 EPSS
7.5 CVSS
7.4 AI Score
0.001 EPSS
Releases Ubuntu 20.04 LTS Packages firefox - Mozilla Open Source web browser Details Manfred Paul discovered that Firefox did not properly perform bounds checking during range analysis, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service, or...
7.8 AI Score
0.0005 EPSS
7.6 AI Score
0.0004 EPSS
[SECURITY] [DSA 5645-1] firefox-esr security update
Debian Security Advisory DSA-5645-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 23, 2024 https://www.debian.org/security/faq Package : firefox-esr CVE ID : CVE-2024-29944 Manfred Paul...
5.8 AI Score
0.0004 EPSS
Sr2T - Converts Scanning Reports To A Tabular Format
Scanning reports to tabular (sr2t) This tool takes a scanning tool's output file, and converts it to a tabular format (CSV, XLSX, or text table). This tool can process output from the following tools: Nmap (XML); Nessus (XML); Nikto (XML); Dirble (XML); Testssl (JSON); Fortify (FPR). Rationale...
6.6 AI Score
[SECURITY] [DLA 3769-1] thunderbird security update
Debian LTS Advisory DLA-3769-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 23, 2024 https://wiki.debian.org/LTS Package : thunderbird Version : 1:115.9.0-1~deb10u1 CVE...
7.5 CVSS
8.9 AI Score
0.001 EPSS
Debian dla-3769 : thunderbird - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3769 advisory. NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private...
7.5 CVSS
9 AI Score
0.001 EPSS
Debian dsa-5645 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5645 advisory. An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This...
5.8 AI Score
0.0004 EPSS
AlmaLinux 9 : libreoffice (ALSA-2024:1427)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1427 advisory. Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary...
8.8 CVSS
9.3 AI Score
0.001 EPSS
7.5 CVSS
7.4 AI Score
0.001 EPSS
Debian dsa-5644 : thunderbird - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5644 advisory. NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the...
7.5 CVSS
9 AI Score
0.001 EPSS
7.5 CVSS
7.4 AI Score
0.001 EPSS
[SECURITY] [DSA 5644-1] thunderbird security update
Debian Security Advisory DSA-5644-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 21, 2024 https://www.debian.org/security/faq Package : thunderbird CVE ID : CVE-2023-5388 CVE-2024-0743...
7.5 CVSS
7.8 AI Score
0.001 EPSS
[SECURITY] [DSA 5643-1] firefox-esr security update
Debian Security Advisory DSA-5643-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 21, 2024 https://www.debian.org/security/faq Package : firefox-esr CVE ID : CVE-2023-5388 CVE-2024-0743...
7.5 CVSS
7.1 AI Score
0.001 EPSS
(RHSA-2024:1473) Important: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
7.3 AI Score
0.001 EPSS
Debian dsa-5643 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5643 advisory. NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the...
7.5 CVSS
8.6 AI Score
0.001 EPSS
RHEL 8 : libreoffice (RHSA-2024:1473)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1473 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...
8.8 CVSS
9.2 AI Score
0.001 EPSS
Android malware, Android malware and more Android malware
Introduction Malware for mobile devices is something we come across very often. In 2023, our technologies blocked 33.8 million malware, adware, and riskware attacks on mobile devices. One of 2023's most resonant attacks was Operation Triangulation, targeting iOS, but that was rather a unique case.....
7.1 AI Score
Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6703-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6703-1 advisory. NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the...
8.8 AI Score
0.0004 EPSS
Releases Ubuntu 20.04 LTS Packages firefox - Mozilla Open Source web browser Details Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive...
8.6 AI Score
0.0004 EPSS
Oracle Linux 9 : libreoffice (ELSA-2024-1427)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1427 advisory. Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In...
8.8 CVSS
9.3 AI Score
0.001 EPSS
[1:7.1.8.1-12.0.1] - Replace colors with Oracle colors [Orabug: 32120093] - Added the --with-hamcrest option to configure. [1:7.1.8.1-12] - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target...
8.8 CVSS
6.6 AI Score
0.001 EPSS
(RHSA-2024:1427) Important: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
7.3 AI Score
0.001 EPSS
(RHSA-2024:1425) Important: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
7.3 AI Score
0.001 EPSS
(RHSA-2024:1423) Important: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
7.3 AI Score
0.001 EPSS
Threat landscape for industrial automation systems. H2 2023
Global statistics across all threats In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year Selected industries In H2 2023, building...
7.2 AI Score
Important: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
8.8 CVSS
7.3 AI Score
0.001 EPSS
RHEL 9 : libreoffice (RHSA-2024:1423)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1423 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...
8.8 CVSS
9.1 AI Score
0.001 EPSS
RHEL 9 : libreoffice (RHSA-2024:1425)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1425 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...
8.8 CVSS
9.2 AI Score
0.001 EPSS
RHEL 9 : libreoffice (RHSA-2024:1427)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1427 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...
8.8 CVSS
9.1 AI Score
0.001 EPSS
Summary Yq is used by IBM Cloud Pak for Data Scheduling as part of the Ansible operator used for installation of the Scheduler. This bulletin identifies the steps to take to address the below vulnerabilities. Vulnerability Details CVEID: CVE-2023-39320 DESCRIPTION: Golang Go could allow a...
9.8 CVSS
8.7 AI Score
0.001 EPSS
Summary Ansible-operator and opm are used by IBM Cloud Pak for Data Scheduling as part of the ibm-cpd-scheduling-operator and ibm-cpd-scheduler-operator-catalog image used for installation of the Scheduler. This bulletin identifies the steps to take to address the below vulnerabilities....
9.8 CVSS
9.5 AI Score
0.005 EPSS
A patched Windows attack surface is still exploitable
On August 8, 2023, Microsoft finally released a kernel patch for a class of vulnerabilities affecting Microsoft Windows since 2015. The vulnerabilities lead to elevation of privilege (EoP), which allows an account with user rights to gain SYSTEM privileges on a vulnerable host. The root cause of...
7.8 CVSS
7.3 AI Score
0.059 EPSS
What’s in your notepad? Infected text editors target Chinese users
"Malvertising" is a popular way of attracting victims to malicious sites: an advertisement block is placed at the top of the search results, increasing the likelihood of users clicking the link. Sites at the top of search results also tend to be more trusted by users. A year ago, our experts...
7 AI Score
The State of Stalkerware in 2023–2024
The State of Stalkerware in 2023 (PDF) The annual Kaspersky State of Stalkerware report aims to contribute to awareness and a better understanding of how people around the world are impacted by digital stalking. Stalkerware is commercially available software that can be discreetly installed on...
6.8 AI Score
Top 10 web application vulnerabilities in 2021–2023
To help companies with navigating the world of web application vulnerabilities and securing their own web applications, the Open Web Application Security Project (OWASP) online community created the OWASP Top Ten. As we followed their rankings, we noticed that the way we ranked major...
8.2 AI Score
7.8 AI Score
0.0004 EPSS
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-1268)
The remote host is missing an update for the Huawei...
7.5 CVSS
7 AI Score
0.001 EPSS
EulerOS 2.0 SP8 : glibc (EulerOS-SA-2024-1268)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an...
7.5 CVSS
7.3 AI Score
0.001 EPSS
[SECURITY] [DLA 3757-1] nss security update
Debian LTS Advisory DLA-3757-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost March 10, 2024 https://wiki.debian.org/LTS Package : nss Version : 2:3.42.1-1+deb10u8 CVE ID :...
7.5 CVSS
8.4 AI Score
0.001 EPSS
Bootiful Spring Boot in 2024 (part 1)
NB: the code is here on my Github account: github.com/joshlong/bootiful-spring-boot-2024-blog. Hi, Spring fans! I'm Josh Long, and I work on the Spring team. I'm excited to be keynoting and giving a talk at Microsoft's JDConf this year. I'm a Kotlin GDE and a Java Champion, and I'm of the opinion.....
6.9 AI Score
Releases Ubuntu 20.04 LTS Packages firefox - Mozilla Open Source web browser Details USN-6649-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a...
8.6 AI Score
0.0004 EPSS
Ubuntu 20.04 LTS : Firefox regressions (USN-6649-2)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6649-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
7.3 AI Score
Cyberattackers tend to give preference to legitimate tools when taking various attack steps, as these help them evade detection systems while keeping malware development costs down to a minimum. Network scanning, capturing a process memory dump, exfiltrating data, running files remotely, and even.....
7.8 AI Score
[SECURITY] [DLA 3748-1] thunderbird security update
Debian LTS Advisory DLA-3748-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 04, 2024 https://wiki.debian.org/LTS Package : thunderbird Version : 1:115.8.0-1~deb10u1 CVE...
9.3 AI Score
0.0004 EPSS
[SECURITY] [DLA 3747-1] firefox-esr security update
Debian LTS Advisory DLA-3747-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 04, 2024 https://wiki.debian.org/LTS Package : firefox-esr Version : 115.8.0esr-1~deb10u1 CVE...
9.1 AI Score
0.0004 EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Thunderbird vulnerabilities (USN-6669-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6669-1 advisory. An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash....
8.8 CVSS
8.3 AI Score
0.001 EPSS
Debian dla-3747 : firefox-esr - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3747 advisory. When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This...
8 AI Score
0.0004 EPSS
Debian dla-3748 : thunderbird - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3748 advisory. When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This...
9.7 AI Score
0.0004 EPSS