59 matches found
EUVD-2009-4181
Malware in sbrugna...
EUVD-2018-7748
Malware in sbrugna...
CVE-2018-15892
FreePBX 13 and 14 has SQL Injection in the DISA module via the hangup variable on the /admin/config.php?display=disa=form page...
Erased but Not Forgotten: How Backdoors Compromise Concept Erasure
The expansion of large-scale text-to-image diffusion models has raised growing concerns about their potential to generate undesirable or harmful content, ranging from fabricated depictions of public figures to sexually explicit images. To mitigate these risks, prior work has devised machine...
US Background Check Firm Data Breach Exposes 3.3M Records
A data breach at DISA Global Solutions, a firm providing background checks, and drugs and alcohol testing services,…
Background check provider data breach affects 3 million people who may not have heard of the company
Employment screening company DISA Global Solutions has filed a data breach notification after a cyber incident on their network. DISA says a third party had access to its environment between February 9, 2024, and April 22, 2024. The attacker may have accessed over three million files containing...
How to Reset Account Lockout for 'Managed Hardened Repository ISO by Veeam'
Purpose: This article documents how to unlock the accounts used with the Managed Hardened Repository ISO by Veeam, veeamsvc or vhradmin, when they become locked out. The Managed Hardened Repository ISO by Veeam deploys Rocky Linux with the DISA STIG security profile, which utilizes faillock to loc...
disa-one.de Improper Access Control vulnerability OBB-3816399
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
disa-one.de Improper Access Control vulnerability OBB-3766146
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
disa-shop.com Cross Site Scripting vulnerability OBB-3485340
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
scap-security-guide bug fix and enhancement update
An update is available for scap-security-guide. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The scap-security-guide project provides a guide for configuratio...
Year in Review: Rapid7 Vulnerability Management
2022 began on a solemn note — many organizations across the globe were recovering from the Log4Shell zero-day vulnerability. For the InsightVM and Nexpose team, 2022 began with a lot of introspection on how we can add more value and keep meeting our customer needs in the best possible ways. This...
Moderate: Red Hat Security Advisory: RHV Appliance (rhvm-appliance) security update [ovirt-4.5.0]
Updated RHV-M Appliance packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
Low: Red Hat Security Advisory: RHV RHEL Host (ovirt-host) [ovirt-4.5.0] security update
Updated host packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
How to Add RHEL 8/9 Using NIST 800-171 or DISA STIG Security Profile to Veeam Backup & Replication
Product Enhancement: Starting in Veeam Backup & Replication 12.1.2, both DISA STIG and NIST profiles are now natively supported without any need to perform the manual tasks documented in this article. Purpose: This article documents the additional procedures required to add a Linux machine to Veeam...
openscap bug fix and enhancement update
The OpenSCAP suite enables integration of the Security Content Automation Protocol SCAP line of standards. The openscap packages provide the OpenSCAP library and the oscap utility that provides various SCAP capabilities. Bug Fixes and Enhancements: Error when scanning DISA-STIG OpenSCAP profile o...
openscap bug fix and enhancement update
An update is available for openscap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The OpenSCAP suite enables integration of the Security Content Automation...
Important: fapolicyd bug fix update
The fapolicyd software framework introduces a form of file access control based on a user-defined policy. The application file access control feature provides one of the most efficient ways to prevent running untrusted and possibly malicious applications on the system. Bug Fixes: When an update...
(RHSA-2020:5607) Important: fapolicyd bug fix update
The fapolicyd software framework introduces a form of file access control based on a user-defined policy. The application file access control feature provides one of the most efficient ways to prevent running untrusted and possibly malicious applications on the system. Bug Fixes: When an update...
fapolicyd bug fix update
1.0-3.0.1.4 - Increase dbmaxsize to 100M 1.0-3.4 RHEL 8.3.Z ERRATUM - Adding DISA STIG during OS installation causes 'ipa-server-install' to fail rhel-8.3.0.z - fixed java detection Resolves: rhbz1905895 - Erratum RHBA-2020:4969 is of no help when upgrading partially RHEL 8.2 systems rhel-8.3.0.z...