SUSE SLED12 / SLES12 Security Update : evolution (SUSE-SU-2023:3375-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3375-1 advisory. - An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 mailto?attach=...

SUSE-SU-2023:3375-1 Security update for evolution

This update for evolution fixes the following issues: - CVE-2020-11879: Fixed issue where websites can attach local files to emails by using a proprietary parameter without warning the user bsc1169843. - Fix some warnings with newer WebKit - Handle frame flattening change in WebKitGTK 2.40...

This Week in Spring - August 15th, 2023

SpringOne, the first in-person SpringOne since the pandemic! - is next week!! I'm so excited I could spit. And I did spit. And then, I asked ChatGPT for some help writing a poem, and it did not disappoint! T'was a week before SpringOne, in Las Vegas so grand, Where devs from all corners would soo...

These 6 Questions Will Help You Choose the Best Attack Surface Management Platform

The hype around different security categories can make it difficult to discern features and capabilities from bias when researching new platforms. You want to advance your security measures, but what steps actually make sense for your business? For anyone ready to find an attack surface managemen...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from improper input validation of the Modem when receiving LTE Safe Mode Command messages...

PT-2023-18294 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a weak configuration in the Modem due to improper input validation when processing LTE security mode command messages received from the network. This can lead to...

CVE-2023-35800

Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information reserved to administrators...

CVE-2023-35799

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges...

CVE-2023-35799

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges...

CVE-2023-35799

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges...

Code injection

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges...

UBUNTU-CVE-2023-35799

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges...

CVE-2023-35799

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges...

Stormshield Endpoint Security 安全漏洞

Stormshield Endpoint Security is a product line for enhancing workstation and server security from the French company Stormshield. A security vulnerability exists in Stormshield Endpoint Security Evolution versions 2.0.0 through 2.3.2, which can be exploited to create arbitrary files with local...

Stormshield Endpoint Security 安全漏洞

Stormshield Endpoint Security is a product line of enhanced workstation and server security from the French company Stormshield. A security vulnerability exists in Stormshield Endpoint Security Evolution versions 2.0.0 through 2.3.2, which stems from an ACL entry on the SES Evolution agent...

CVE-2023-35800

Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information reserved to administrators...

CVE-2023-35799

Affected product: Stormshield Endpoint Security Evolution (SES Evolution) agent. Vulnerability: Insecure permissions allow an interactive user to use the SES Evolution agent to create arbitrary files with local system privileges. Versions affected: 2.0.0 through 2.3.2. Root cause/impact: Local pr...

CVE-2023-35799

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges...

The vulnerability of PPMD in operating systems Juniper Networks Junos OS and Junos OS Evolved allows a attacker to cause a service failure.

The vulnerability of PPMD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to deficiencies in handling exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

Decrypting Cyber Risk Quantification

Discover the evolution of cyber risk quantification, criteria for an accurate risk score, and its benefits across the organization...