Debian dsa-5803 : thunderbird - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5803 advisory. Debian Security Advisory DSA-5803-1 [email protected] https://www.debian.org/securit...
CVE-2024-10758
A vulnerability, which was classified as critical, was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack...
Lumma/Amadey: fake CAPTCHAs want to know if you’re human
Attackers are increasingly distributing malware through a rather unusual method: a fake CAPTCHA as the initial infection vector. Researchers from various companies reported this campaign in August and September. The attackers, primarily targeting gamers, initially delivered the Lumma stealer to...
U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing
The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies. "The USG follows TLP markings on cybersecurity information...
A vulnerability in the Dovecot mail server, caused by resource allocation without limits or throttling, allows attackers to cause service failures.
The vulnerability in the Dovecot mail server stems from resource allocation without limits or throttling. Exploiting it allows a malicious actor to cause service failures...
Important: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.4.6 security updates and bug fixes
Multicluster Engine for Kubernetes 2.4.6 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
[SECURITY] [DSA 5799-1] chromium security update
Debian Security Advisory DSA-5799-1 [email protected] https://www.debian.org/security/ Andres Salomon October 28, 2024 https://www.debian.org/security/faq ...
Debian dsa-5798 : activemq - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5798 advisory. Debian Security Advisory DSA-5798-1 [email protected] https://www.debian.org/security/ Moritz...
[SECURITY] [DSA 5798-1] activemq security update
Debian Security Advisory DSA-5798-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 26, 2024 https://www.debian.org/security/faq ...
[SECURITY] [DSA 5795-1] python-sql security update
Debian Security Advisory DSA-5795-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 21, 2024 https://www.debian.org/security/faq ...
Admidio Vulnerable to HTML Injection In The Messages Section
Summary An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. PoC 1. Go to https://www.admidio.org/demoen/admprogram/modules/messages/messages.php 2. Click on Send Private Message 3. In the Message field, enter the following payload...
GHSA-7C4C-749J-PFP2 Admidio Vulnerable to HTML Injection In The Messages Section
Summary An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. PoC 1. Go to https://www.admidio.org/demoen/admprogram/modules/messages/messages.php 2. Click on Send Private Message 3. In the Message field, enter the following payload...
MAL-2024-9571 Malicious code in core-linux-x64-musl (npm)
--- -= Per source details. Do not edit below this line.=-...
PT-2024-32844 · Admidio · Admidio
Name of the Vulnerable Software and Affected Versions: Admidio versions prior to 4.3.12 Description: An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. This issue can lead to various impacts, including data theft, session hijacking,...
CVE-2022-2031
...
CVE-2022-32744
...
A vulnerability in the Hyper-V hardware virtualization system for Windows operating systems allows an attacker to trigger a service failure.
The vulnerability in the Hyper-V hardware virtualization technology for Windows operating systems stems from resource allocation without limits or throttling. Exploiting it can allow a malicious actor to cause service interruptions...
[SECURITY] [DSA 5790-1] node-dompurify security update
Debian Security Advisory DSA-5790-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 13, 2024 https://www.debian.org/security/faq ...
[SECURITY] [DSA 5789-1] thunderbird security update
Debian Security Advisory DSA-5789-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 12, 2024 https://www.debian.org/security/faq ...
CVE-2024-5005
An issue has been discovered in GitLab EE/CE affecting all versions starting from 11.4 before 17.2.9, all versions starting from 17.3 before 17.3.5, and all versions starting from 17.4 before 17.4.2. It was possible for guest users to disclose project templates using the API...