[SECURITY] Fedora 40 Update: pgadmin4-8.6-1.fc40

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

electron28 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-4948. Security: backported fix for CVE-2024-3914. Security: backported fix for CVE-2024-4060. Security: backported fix for CVE-2024-4058. Security: backported fix for CVE-2024-4558...

CVE-2024-35986

A vulnerability was found in the Linux kernel's phy: ti: tusb1210 driver, where unregistering a powersupply device while other code holds a reference to it causes a crash. This issue happens due to a dangling reference in the tusb1210getonline function after the power supply is removed and its...

CVE-2024-35986

CVE-2024-35986 affects Linux kernel code for TI/TUSB1210 charger-detect. Unregistering a power_supply while a reference remains can trigger a WARN in power_supply_unregister and leave a dangling pointer, causing a crash on tusb1210_get_online() next use. The fix limits the power_supply reference ...

Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns

Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. "These campaigns typically involve a recognizable infection chain involving oversized...

SUSE: Security Advisory (SUSE-SU-2024:1676-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:1675-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January. The large-scale phishing attacks, likely facilitated by other cybercriminals via a malware-as-a-service MaaS model, target ove...

The vulnerability of the Hotspot component in the Java SE software platform and Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK virtual machines allows attackers to gain access to and modify data.

The vulnerability of the Hotspot component in the Java SE software platform and the Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK virtual machines is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain access to and modify/add dat...

Intel Media SDK 安全漏洞

Intel Media SDK is a multimedia SDK Software Development Kit from Intel Corporation USA. The product is primarily used for video encoding, decoding and processing in Windows and embedded Linux applications. A security vulnerability exists in Intel Media SDK that stems from the presence of incorre...

CVE-2024-27243

Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via network access...

PT-2024-40057 · Ez Systems +3 · Ez Platform +4

Name of the Vulnerable Software and Affected Versions: eZ Platform and eZ Publish Legacy affected versions not specified Description: The issue concerns the handling of file uploads in eZ Platform and eZ Publish Legacy, potentially leading to remote code execution RCE if exploited. An attacker...

UBUNTU-CVE-2024-30268

Cacti provides an operational monitoring and fault management framework. A reflected cross-site scripting vulnerability on the 1.3.x DEV branch allows attackers to obtain cookies of administrator and other users and fake their login using obtained cookies. This issue is fixed in commit...

CVE-2024-0151

Arm is aware of a potential software security issue in code that uses Cortex-M Security Extensions CMSE and has been compiled with tools that implement Arm v8-M Security Extensions Requirements on Development Tools before version 1.4. This issue potentially allows an attacker who can pass...

ESP-IDF Security Vulnerability

ESP-IDF is an open source development framework for Espressif SoCs supported on Windows, Linux and macOS by Espressif Systems. A security vulnerability exists in ESP-IDF version v.5.1, which stems from the presence of a buffer overflow vulnerability that could allow a remote attacker to execute...

PT-2024-5177 · Zoom · Zoom

Name of the Vulnerable Software and Affected Versions: Zoom Workplace Apps and SDKs affected versions not specified Description: The issue is related to a buffer overflow in Zoom's software for conducting video conferences, which may allow an authenticated user to cause a denial of service via...

[SECURITY] Fedora 40 Update: php-wikimedia-utfnormal-4.0.0-1.fc40

utfnormal is a library that contains unicode normalization functions. It was split out of MediaWiki core during the 1.25 development cycle...

RLSA-2024:1438 Important: nodejs security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks CVE-2024-22019 For more details about the security...

SUSE: Security Advisory (SUSE-SU-2024:1568-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:1148-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...