[SECURITY] Fedora 37 Update: clamav-0.103.9-1.fc37

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

[SECURITY] Fedora 37 Update: caddy-2.6.4-1.fc37

Caddy is the web server with automatic HTTPS...

[SECURITY] Fedora 38 Update: caddy-2.6.4-1.fc38

Caddy is the web server with automatic HTTPS...

Fedora: Security Advisory for caddy (FEDORA-2023-4926525509)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Applying AI to License Plate Surveillance

License plate scanners arent new. Neither is using them for bulk surveillance. Whats new is that AI is being used on the data, identifying "suspicious" vehicle behavior: Typically, Automatic License Plate Recognition ALPR technology is used to search for plates linked to specific crimes. But in...

Citrix indirect display adapter is installed along with Workspace app in Win10

After installingCitrix Workspace 1809 or above version in Windows 10,Citrix indirect display adapter is installed automatically...

LibreNMS Cross-Site Scripting Vulnerability (CNVD-2023-64109)

LibreNMS is an open source network monitoring system based on PHP and MySQL from the LibreNMS community. The system features customizable alerts, auto-discovery of the network environment and automatic updates. A cross-site scripting vulnerability exists in LibreNMS versions prior to 23.8.0. The...

CVE-2023-4387

A use-after-free flaw was found in vmxnet3rqallocrxbuf in drivers/net/vmxnet3/vmxnet3drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3rqcleanupall, which could also lead to ...

Columbus-Server - API first subdomain discovery service, blazingly fast subdomain enumeration service with advanced features

Columbus Project is an API first subdomain discovery service, blazingly fast subdomain enumeration service with advanced features. Columbus returned 638subdomains of tesla.com in 0.231 sec. Usage By default Columbus returns only the subdomains in a JSON string array: curl...

How to configure VMs to be powered on automatically after XenServer boot up

This article describes how to configure VMs on XenServer to be powered on automatically after XenServer boot up. Note : This capability is deprecated and will be removed in a future release...

Exploit for CVE-2023-38646

CVE-2023-38646 Automatic Tools For Metabase RCE Exploit Known...

CVE-2023-38409

A memory corruption flaw was found in setcon2fbmap in drivers/video/fbdev/core/fbcon.c in the Framebuffer Console in the Linux kernel. This flaw allows a local attacker to crash the system, leading to a denial of service. Mitigation Mitigation for this issue is to skip loading the affected module...

How to Automatically Delete Passcode Texts on Android and iOS

Here’s one simple way to reduce your security risk while logging in...

Hacking AI Resume Screening with Text in a White Font

The Washington Post is reporting on a hack to fool automatic resume sorting programs: putting text in a white font. The idea is that the programs rely primarily on simple pattern matching, and the trick is to copy a list of relevant keywords--or the published job description--into the resume in a...

CVE-2023-30577

AMANDA (backup system) is affected by CVE-2023-30577: the SUID binary runtar mishandles arguments, allowing certain GNU tar options (e.g., starting with --exclude) to be accepted and potentially cause root-level execution. This is a local privilege-escalation path tied to runtar’s argument handli...

CVE-2023-2626

There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packe...

CVE-2023-2626

There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packe...

Authentication flaw

There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packe...

CVE-2023-2626 Authentication Bypass in OpenThread Boarder Router devices

There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packe...

WordPress Tranzly: Automatic Translation Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Tranzly: Automatic Translation Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1e66b5ef5eee Credits Rafie Muhammad...