8752 matches found
DOS Vulnerability discovered in SonicWall Next-Generation Firewall
THREAT LEVEL: Amber For a detailed advisory, download the pdf file here SonicWall, a manufacturer of security hardware discovered a flaw in their SonicOS security operating system that allows denial of service DoS attacks and could lead to remote code execution RCE. The identified vulnerability...
SUSE: Security Advisory (SUSE-SU-2022:1023-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Muhstik botnet adds another vulnerability exploit to its arsenal
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Muhstik malware has begun attacking Redis Servers by exploiting a recently reported vulnerability, CVE-2022-0543. This flaw can be found in several Redis Debian packages. The attack began on March 11, 2022, and was carried out...
Apple Xcode out-of-bounds read vulnerability (CNVD-2022-23933)
Apple Xcode is an integrated development environment provided to developers by Apple, Inc. and is primarily used to develop applications for Mac OS X and iOS. Apple Xcode suffers from an out-of-bounds read vulnerability, which stems from a boundary error when processing files in otool and can be...
Apple Xcode out-of-bounds read vulnerability (CNVD-2022-23935)
Apple Xcode is an integrated development environment provided to developers by Apple, Inc. and is primarily used to develop applications for Mac OS X and iOS. Apple Xcode suffers from an out-of-bounds read vulnerability, which stems from a boundary error when processing files in otool and can be...
Apple Xcode out-of-bounds read vulnerability (CNVD-2022-23934)
Apple Xcode is an integrated development environment provided to developers by Apple, Inc. and is primarily used to develop applications for Mac OS X and iOS. Apple Xcode suffers from an out-of-bounds read vulnerability, which stems from a boundary error when processing files in otool and can be...
Apple Xcode out-of-bounds read vulnerability (CNVD-2022-23936)
Apple Xcode is an integrated development environment provided to developers by Apple, Inc. and is primarily used to develop applications for Mac OS X and iOS. Apple Xcode suffers from an out-of-bounds read vulnerability, which stems from a boundary error when processing files in otool and can be...
[SECURITY] Fedora 36 Update: python-pillow-9.0.1-5.fc36
Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...
[SECURITY] Fedora 36 Update: OpenSceneGraph-3.6.5-5.fc36
The OpenSceneGraph is an OpenSource, cross platform graphics toolkit for the development of high performance graphics applications such as flight simulators, games, virtual reality and scientific visualization. Based around the concept of a SceneGraph, it provides an object oriented framework on...
North Korean state-sponsored threat actor Lazarus Group exploiting Chrome Zero-day vulnerability
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here For more than a month before a fix was available, North Korean state hackers known as Lazarus group exploited a zero-day, remote code execution vulnerability CVE-2022-0609 in Google Chromes web browser. The attack mainly targe...
How a leading Microsoft engineer extends culture to service resiliency
It’s hard to underestimate the impact that people can have on us in our formative years. Huiwen Ru, who spent several years working in identity and access management and is now a Principal Software Engineering Manager on the Singularity team at Microsoft, is a living example of how important...
Apple Xcode out-of-bounds read vulnerability (CNVD-2022-23939)
Apple Xcode is an integrated development environment provided to developers to develop applications for Mac OS X and iOS. Apple Xcode is vulnerable to an out-of-bounds read vulnerability that could be exploited by remote attackers to submit special application requests and trick users into parsin...
OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A security flaw exists in OpenSSL software library that could lead to a denial-of-service DoS condition when parsing certificates. The vulnerability, identified as CVE-2022-0778, arises from parsing a malformed certificate...
Attackers Escape Kubernetes Containers using “cr8escape” Vulnerability in CRI-O
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. A flaw in CRI-O, an open-source Linux implementation of Kubernetes Container Runtime Interface CRI, was discovered that may allow an attacker to gain remote control of servers and potentially poison the container with attack...
Exploit for Cross-Site Request Forgery (CSRF) in Irz Ru21_Firmware
ez-iRZ Exploit for CVE-2022-27226 Cross Site Request Forgery...
Apple Xcode out-of-bounds read vulnerability
Apple Xcode is an integrated development environment provided by Apple, Inc. for developers to develop applications for Mac OS X and iOS. A remote attacker could use this vulnerability to cause an application to terminate unexpectedly or execute arbitrary code via a maliciously crafted file...
SUSE: Security Advisory (SUSE-SU-2022:0860-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Use-after-free of ID and IDREF attributes CVE-2022-23308 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
java-11-openjdk bug fix and enhancement update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fixes: The previous OpenJDK 11 release, 11.0.14, was found to contain a regression introduced by improvements to the HTTP client. It caused both the :authority' and...
SUSE: Security Advisory (SUSE-SU-2022:0828-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...