2474 matches found
xorg-x11-server: heap buffer overflow in DisableDevice
A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...
xorg-x11-server: heap buffer overflow in DisableDevice
A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...
[SECURITY] Fedora 39 Update: prometheus-podman-exporter-1.7.0-1.fc39
Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...
Prevent BEC with AI-Powered Email and Collaboration
Latest Trend Vision One™ platform integration addresses growing need for streamlined IT and security operations across email and messaging environments...
Announcing the Release of "Kubernetes Security for Dummies"
We're excited to announce the release of a comprehensive guide to mastering Kubernetes security: "Kubernetes Security for Dummies." Wiz collaborated with Wiley publications to create this essential resource, which covers various aspects of securing Kubernetes environments...
Announcing the Newest Game-Changing Upgrades of Qualys Cloud Agent
Qualys Cloud Agent Gets Powerful Enhancements for Boosting User Flexibility, Improved Control & Efficiency in VDI Environments, Seamless Updates, and More! We are excited to unveil a major upgrade to the Qualys Cloud Agent, marking a significant stride in cybersecurity management. The four update...
Support for machine profile in VMware
This article describes theSupport for machine profile feature in VMwareenvironments...
OpenJDK: logging of digital signature private keys (8316976)
Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks o...
CVE-2023-4566
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality...
IBM Db2 Denial of Service Vulnerability (CNVD-2025-03030)
IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...
IBM Db2 Denial of Service Vulnerability (CNVD-2025-03032)
IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a denial of service vulnerability that originates when a specially crafted cursor ...
Moderate: Red Hat Security Advisory: ipa security update
An update for ipa is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Moderate: Red Hat Security Advisory: idm:DL1 security update
An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this...
CVE-2023-52137
The tj-actions/verify-changed-files action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. The verify-changed-files workflow returns the list of files changed within a workflow execution. This could potentially allow...
Apache Pulsar WebSocket Proxy Denial of Service Vulnerability
Apache Pulsar is a U.S. Apache Apache Foundation for cloud environments, set of messages, storage, lightweight functional computing as a distributed message flow platform. A denial of service vulnerability exists in Apache Pulsar WebSocket Proxy, which can be exploited by an attacker to cause a...
How to choose a free vulnerability scanner: Insights from an industry veteran
The cybersecurity market is awash with expensive, high-end solutions for detecting vulnerabilities in third-party applications. However, for smaller security teams, free vulnerability scanners offer a practical alternative. But of course, free doesn’t always mean better—it’s crucial to thoroughly...
USN-6534-2: Linux kernel vulnerabilities
It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lin Ma...
CVE-2023-49247
Permission verification vulnerability in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality...
Buildroot BR_NO_CHECK_HASH_FOR data integrity vulnerability
Talos Vulnerability Report TALOS-2023-1845 Buildroot BRNOCHECKHASHFOR data integrity vulnerability December 5, 2023 CVE Number CVE-2023-43608 SUMMARY A data integrity vulnerability exists in the BRNOCHECKHASHFOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially crafted...
Wiz at Re:Invent 2023
See what’s new with Wiz at Re:Invent 2023 and learn about how Wiz and AWS continue to strengthen their strategic partnership, keeping AWS customers’ environments secure...