CVE-2024-30258

FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed RTPS packet, the subscriber crashes when creating pthread. This can remotely crash any Fast-DD...

The vulnerability of Xenstore information storage in Xen hypervisors allows a attacker to cause a service failure.

The vulnerability of Xenstore information storage system in Xen hypervisors is related to the unlimited distribution of resources. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability of Xenstore information storage in Xen hypervisors allows a attacker to cause a service failure.

The vulnerability of Xenstore information storage system in Xen hypervisors is related to the unlimited distribution of resources. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability of Xenstore information storage in Xen hypervisors allows a attacker to cause a service failure.

The vulnerability of Xenstore information storage system in Xen hypervisors is related to the unlimited distribution of resources. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability of Xenstore information storage in Xen hypervisors allows a attacker to cause a service failure.

The vulnerability of Xenstore information storage system in Xen hypervisors is related to the unlimited distribution of resources. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability of the RDP client FreeRDP, related to unlimited resource distribution, allows attackers to trigger a service failure.

The vulnerability of the RDP client FreeRDP is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Managed Detection and Response in 2023

Managed Detection and Response in 2023 PDF Alongside other security solutions, we provide Kaspersky Managed Detection and Response MDR to organizations worldwide, delivering expert monitoring and incident response 24/7. The task involves collecting telemetry for analysis by both machine-learning ...

PT-2024-40491 · Cg · Cg

Name of the Vulnerable Software and Affected Versions: cg affected versions not specified Description: A vulnerability has been discovered in the handling of the referrer header in the application, which could allow an attacker to conduct open redirects. The issue arises from improper validation ...

[SECURITY] [DSA 5671-1] openjdk-11 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5671-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 22, 2024 https://www.debian.org/security/faq -...

The vulnerability of the QUIC protocol implementation in the Go programming language library quic-go, related to the unlimited distribution of resources, allows a attacker to cause service failures.

The vulnerability of the QUIC protocol implementation in the quic-go library written in the Go programming language is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of Parasolid’s 3D geometric modeling tool, which involves unlimited distribution of resources, allows a hacker to cause a service failure.

The vulnerability of Parasolid’s 3D geometric modeling tool is related to the unlimited distribution of resources. Exploiting this vulnerability can allow attackers to cause service failures by using specially created XT files...

[SECURITY] [DSA 5668-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5668-1 [email protected] https://www.debian.org/security/ Andres Salomon April 20, 2024 https://www.debian.org/security/faq -...

Cannabis investment scam JuicyFields ends in 9 arrests

Europol and its associates have arrested 9 people in conjunction with a cannabis investment scam known as "JuicyFields". The suspects used social media to lure investors to their website. There they found information about a “golden opportunity” to invest in the cultivation, harvesting and...

Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor

A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. "The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged Google Ads to push...

firefox security update

115.10.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.10.0-1 - Update to 115.10.0 build1...

Medium: flatpak

Issue Overview: Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the cas...

eProsima Fast DDS 安全漏洞

eProsima Fast DDS is the C++ implementation of eProsima's OMG Object Management Group DDS Data Distribution Service standard. A security vulnerability exists in eProsima Fast DDS v.2.14.0 and earlier versions that originated from allowing a local attacker to cause a denial of service DoS and obta...

CVE-2024-31454

PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.2.0, the absence of restrictions on the endpoint, which is designed for uploading files, allows an attacker who received the id of a file distribution to change the files that are in this distribution. The...

CVE-2024-31454 PsiTransfer file integrity violation vulnerability

PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.2.0, the absence of restrictions on the endpoint, which is designed for uploading files, allows an attacker who received the id of a file distribution to change the files that are in this distribution. The...

CVE-2024-31454 PsiTransfer file integrity violation vulnerability

PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.2.0, the absence of restrictions on the endpoint, which is designed for uploading files, allows an attacker who received the id of a file distribution to change the files that are in this distribution. The...