110 matches found
[SECURITY] Fedora 39 Update: gdcm-3.0.23-5.fc39
Grassroots DiCoM (GDCM) is a C++ library for DICOM medical files. It supports ACR-NEMA version 1 and 2 (huffman compression is not supported), RAW, JPEG, JPEG 2000, JPEG-LS, RLE and deflated transfer syntax. It comes with a super fast scanner implementation to quickly scan hundreds of DICOM files. It...
UBUNTU-CVE-2024-26735
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations structure for the subsystem must be registered before registering the generic netlink family...
PT-2024-14050 · Nagios Xi · Nagios Xi
Name of the Vulnerable Software and Affected Versions: Nagios XI versions up to and including 2024R1 Description: A stored cross-site scripting XSS vulnerability in the NOC component allows low-privileged users to execute malicious HTML or JavaScript code via the audio file upload functionality...
What Is Network Availability?
Within the sphere of IT, 'network accessibility' is a term frequently used. Yet, does everyone understand its connotation? Simplistically put, network accessibility alludes to how readily a network or system can be accessed by its users. It quantifies to what extent a system is functioning and...
The vulnerability of the XML.toJSONObject component in the file and network operations library hutool-json allows an attacker to cause a service failure.
The vulnerability of the XML.toJSONObject component in the library for file processing and network operations in hutool-json is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the MyHandlerInterceptor class in the ProSafe Network Management NMS300 system’s management, diagnosis, and optimization of network device operations allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the MyHandlerInterceptor class in the ProSafe Network Management NMS300 system, which is used for management, diagnosis, and optimization of network device operations, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a...
Cadet Blizzard emerges as a novel and distinct Russian threat actor
As Russia’s invasion of Ukraine continues into its second year and Microsoft continues to collaborate with global partners in response, the exposure of destructive cyber capabilities and information operations provide greater clarity into the tools and techniques used by Russian state-sponsored...
The vulnerability of the server module gRPC Network Operations Interface (gNOI) in the operating system Juniper Networks Junos OS Evolved allows an attacker to execute arbitrary code.
The vulnerability of the server module gRPC Network Operations Interface gNOI in the Juniper Networks Junos OS Evolved operating system is related to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2023-28983
An OS Command Injection vulnerability in gRPC Network Operations Interface gNOI server module of Juniper Networks Junos OS Evolved allows an authenticated, low privileged, network based attacker to inject shell commands and execute code. This issue affects Juniper Networks Junos OS Evolved 21.4...
Command injection
An OS Command Injection vulnerability in gRPC Network Operations Interface gNOI server module of Juniper Networks Junos OS Evolved allows an authenticated, low privileged, network based attacker to inject shell commands and execute code. This issue affects Juniper Networks Junos OS Evolved 21.4...
CVE-2023-28983 Junos OS Evolved: Shell Injection vulnerability in the gNOI server
An OS Command Injection vulnerability in gRPC Network Operations Interface gNOI server module of Juniper Networks Junos OS Evolved allows an authenticated, low privileged, network based attacker to inject shell commands and execute code. This issue affects Juniper Networks Junos OS Evolved 21.4...
CVE-2023-28983
CVE-2023-28983 describes an OS command injection in the gRPC Network Operations Interface (gNOI) server module of Juniper Networks Junos OS Evolved. The vulnerability is triggered by an authenticated, low-privilege, network-based attacker who can inject shell commands and execute code due to the ...
PT-2023-3072 · Juniper Networks · Junos Evolved
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions 21.4R1-EVO through 22.1R1-EVO Description: The issue is related to an OS Command Injection vulnerability in the gRPC Network Operations Interface gNOI server module. This allows an authenticated,...
The art and science behind Microsoft threat hunting: Part 1
At Microsoft, we define threat hunting as the practice of actively looking for cyberthreats that have covertly or not so covertly penetrated an environment. This involves looking beyond the known alerts or malicious threats to discover new potential threats and vulnerabilities. Why do incident...
Align your security and network teams to Zero Trust security demands
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Security Product Marketing Manager Natalia Godyla talks with Jennifer Minella, Founder and...
NOKIA NetAct 18A code issue vulnerability
NOKIA NetAct 18A is an application system from Nokia Finland. It provides best-in-class applications to enable seamless day-to-day network operations, including configuration management, monitoring and software management. A security vulnerability exists in Nokia NetAct 18A, which can be exploite...
Google Android resource management error vulnerability
Google Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA. Google Android OS has a resource management error vulnerability, the vulnerability stems from the network system or product in the operation of the process of configuration and other errors...
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
We, along with the security industry and our partners, continue to investigate the extent of the Solorigate attack. While investigations are underway, we want to provide the defender community with intelligence to understand the scope, impact, remediation guidance, and product detections and...
Lustre ptlrpc module buffer overflow vulnerability (CNVD-2020-07303)
Lustre is a parallel distributed file system typically used in large computer clusters and supercomputers, of which Lustre ptlrpc is a module. A buffer overflow vulnerability exists in the Lustre ptlrpc module. The vulnerability stems from a networked system or product performing operations in...
cyrus-sasl buffer overflow vulnerability
cyrus-sasl is an implementation of the Cyrus SASL Simple Authentication Security Layer API capable of providing authentication authorization services on both the client and server side. A buffer overflow vulnerability exists in cyrus-sasl version 2.1.27. The vulnerability stems from a network...