Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers
On April 9, Twitter/X began automatically modifying links that mention "twitter.com" to read "x.com" instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links -- such as fedetwitter[.]com,.....
6.9AI Score
Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel
Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems that could be exploited to read sensitive data from the memory. The exploit, called Native Branch History Injection (BHI), can be used to leak arbitrary kernel.....
7.1AI Score
EPSS
bd-designs.co.uk Cross Site Scripting vulnerability OBB-3903407
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
(RHSA-2024:1648) Important: bind9.16 security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
8.3AI Score
0.05EPSS
(RHSA-2024:1647) Important: bind9.16 security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
8.3AI Score
0.05EPSS
bd-auto.com Cross Site Scripting vulnerability OBB-3896554
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
RHEL 8 : bind9.16 (RHSA-2024:1647)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1647 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named);.....
7.5CVSS
8.5AI Score
0.05EPSS
RHEL 8 : bind9.16 (RHSA-2024:1648)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1648 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named);.....
7.5CVSS
8.5AI Score
0.05EPSS
7.4AI Score
bd-products.com Cross Site Scripting vulnerability OBB-3888071
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Releases: Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS. Packages: thunderbird - Mozilla Open Source mail and newsgroup client. Details: Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker...
7.5CVSS
8.9AI Score
0.001EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Thunderbird vulnerabilities (USN-6717-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6717-1 advisory. An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects...
7.5CVSS
9.1AI Score
0.001EPSS
Radamsa - A General-Purpose Fuzzer
Radamsa is a test case generator for robustness testing, a.k.a. a fuzzer. It is typically used to test how well a program can withstand malformed and potentially malicious inputs. It works by reading sample files of valid data and generating interestingly different outputs from them. The main...
9.8CVSS
7.5AI Score
EPSS
New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys
A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations. Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent...
6.2AI Score
[SECURITY] Fedora 40 Update: libuev-2.4.1-1.fc40
libuEv is a small event loop that wraps the Linux epoll() family of APIs. It is similar to the more established libevent, libev and the venerable Xt(3) event loop. The µ in the name refers to both its limited feature set and the size impact of the...
9.8CVSS
9.3AI Score
0.001EPSS
File Upload vulnerability in magicflue v.7.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the messageid parameter of the mail/mailupdate.jsp...
7.5AI Score
0.0004EPSS
File Upload vulnerability in magicflue v.7.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the messageid parameter of the mail/mailupdate.jsp...
7.8AI Score
0.0004EPSS
File Upload vulnerability in magicflue v.7.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the messageid parameter of the mail/mailupdate.jsp...
7.7AI Score
0.0004EPSS
[SECURITY] Fedora 38 Update: libuev-2.4.1-1.fc38
libuEv is a small event loop that wraps the Linux epoll() family of APIs. It is similar to the more established libevent, libev and the venerable Xt(3) event loop. The µ in the name refers to both its limited feature set and the size impact of the...
9.8CVSS
9.3AI Score
0.001EPSS
[SECURITY] Fedora 39 Update: libuev-2.4.1-1.fc39
libuEv is a small event loop that wraps the Linux epoll() family of APIs. It is similar to the more established libevent, libev and the venerable Xt(3) event loop. The µ in the name refers to both its limited feature set and the size impact of the...
9.8CVSS
9.3AI Score
0.001EPSS
(RHSA-2024:1406) Moderate: bind security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security....
7AI Score
0.001EPSS
RHEL 8 : bind (RHSA-2024:1406)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1406 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a...
7.5CVSS
7.8AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph which is not...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph which is not...
7.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph which is not...
6.1AI Score
0.0004EPSS
CVE-2023-52610 net/sched: act_ct: fix skb leak and crash on ooo frags
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph which is not...
7.5AI Score
0.0004EPSS
CVE-2023-52610 net/sched: act_ct: fix skb leak and crash on ooo frags
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph which is not...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph which is not straightforwar...
6.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: ...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: ...
7.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: ...
6.4AI Score
0.0004EPSS
CVE-2021-47126 ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: ...
6.7AI Score
0.0004EPSS
CVE-2021-47126 ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: ...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree:...
6.7AI Score
0.0004EPSS
[SECURITY] Fedora 38 Update: python-fastapi-0.99.0-7.fc38
FastAPI is a modern, fast (high-performance), web framework for building APIs with Python 3.7+ based on standard Python type hints. The key features are: Fast: Very high performance, on par with NodeJS and Go (thanks to Starlette and Pydantic). One of the...
7.4AI Score
[SECURITY] Fedora 39 Update: python-fastapi-0.103.0-10.fc39
FastAPI is a modern, fast (high-performance), web framework for building APIs with Python 3.7+ based on standard Python type hints. The key features are: Fast: Very high performance, on par with NodeJS and Go (thanks to Starlette and Pydantic). One of the...
7.4AI Score
Fedora: Security Advisory for jflex (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for...
7AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: jflex-1.7.0-18.fc40
JFlex is a lexical analyzer generator (also known as scanner generator) for Java, written in Java. It is also a rewrite of the very useful tool JLex which was developed by Elliot Berk at Princeton University. As Vern Paxson states for his C/C++ tool flex: They do not share any code though. ...
7AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: jctools-4.0.2-3.fc40
This project aims to offer some concurrent data structures currently missing from the JDK: SPSC/MPSC/SPMC/MPMC Bounded lock free queues; SPSC/MPSC Unbounded lock free queues; Alternative interfaces for queues; Offheap...
7AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: jakarta-interceptors-2.0.0-12.fc40
Jakarta Interceptors defines a means of interposing on business method invocations and specific events, such as lifecycle events and timeout events, that occur on instances of Jakarta EE components and other managed...
9.1AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: guava-32.1.3-5.fc40
Guava is a suite of core and expanded libraries that include utility classes, Google's collections, io classes, and much much more. This project is a complete packaging of all the Guava libraries into a single jar. Individual portions of Guava can be used by downloading...
9.1AI Score
0.0004EPSS
CentOS: Security Advisory for bind (CESA-2023:5691)
The remote host is missing an update for...
7.5CVSS
7.9AI Score
0.002EPSS
[SECURITY] Fedora 38 Update: bind-9.18.24-1.fc38
BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....
7.5CVSS
7.2AI Score
0.05EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Thunderbird vulnerabilities (USN-6669-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6669-1 advisory. An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash....
8.8CVSS
8.3AI Score
0.001EPSS
Releases: Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS. Packages: thunderbird - Mozilla Open Source mail and newsgroup client. Details: Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker...
8.8CVSS
9.1AI Score
0.001EPSS
openSUSE: Security Advisory for exim (openSUSE-SU-2024:0007-1)
The remote host is missing an update for...
7.5CVSS
6.9AI Score
0.007EPSS
Fedora: Security Advisory for bind (FEDORA-2024-fae88b73eb)
The remote host is missing an update for...
7.5CVSS
8AI Score
0.05EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
6.1AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
6.2AI Score
0.0004EPSS