96 matches found
CVE-2021-47129
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: skip expectations for confirmed conntrack nftctexpectobjeval calls nfctextadd for a confirmed conntrack entry. However, nfctextadd can only be called for !nfctisconfirmed. 1825.349056 WARNING: CPU: 0 PID: 1279 a...
CVE-2021-47129
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: skip expectations for confirmed conntrack nftctexpectobjeval calls nfctextadd for a confirmed conntrack entry. However, nfctextadd can only be called for !nfctisconfirmed. 1825.349056 WARNING: CPU: 0 PID: 1279 a...
UBUNTU-CVE-2021-47129
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: skip expectations for confirmed conntrack nftctexpectobjeval calls nfctextadd for a confirmed conntrack entry. However, nfctextadd can only be called for !nfctisconfirmed. 1825.349056 WARNING: CPU: 0 PID: 1279 a...
CVE-2021-47129
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: skip expectations for confirmed conntrack nftctexpectobjeval calls nfctextadd for a confirmed conntrack entry. However, nfctextadd can only be called for !nfctisconfirmed. 1825.349056 WARNING: CPU: 0 PID: 1279 a...
Achieving NIST CSF 2.0 Top Tier Adaptable Status
An Overview of NIST CSF 2.0 The National Institute of Standards and Technology NIST recently updated its popular Cybersecurity Framework CSF to version 2.0 to help organizations reduce cybersecurity risks. Designed for virtually all industry sectors, from small to medium businesses SMBs to larger...
When the returnNative parameter is set to true in the _params provided to MoneyMarketHook.execute, it is not handled properly and could disrupt user expectations
Lines of code Vulnerability details Impact When param.returnNative is set to true while calling MoneyMarketHook.execute, users expect the returned token from the withdraw operation to be in native form and sent to the caller. However, in the current implementation, this is not considered and coul...
mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations
MariaDB through 10.5.9 allows a sqlparse.cc application crash because of incorrect usedtables expectations...
CVE-2023-21262
In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation...
Race condition
In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation...
CVE-2023-21262
In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation...
Why Now? The Rise of Attack Surface Management
The term "attack surface management" ASM went from unknown to ubiquitous in the cybersecurity space over the past few years. Gartner and Forrester have both highlighted the importance of ASM recently, multiple solution providers have emerged in the space, and investment and acquisition activity...
abi-ds-utils (=1.0.1), acryl-datahub-airflow-plugin (>=0.8.44.4 <=0.9.2.1rc2) +139 more potentially affected by CVE-2023-29005 via flask-appbuilder (>=1.10.0 <=4.1.4)
flask-appbuilder PYPI version =1.10.0, =0.8.44.4, =0.1.0rc3, =0.1.0, =2022.9.19, =0.2.9b1, =1.0.7, =0.5.1, =0.2.0, =0.1.0, =1.0.0, =0.0.7, =0.0.1, =0.0.3, =0.0.6, =0.0.8 and more Source cves: CVE-2023-29005 Source advisory: OSV:GHSA-9HCR-9HCV-X6PV...
Everything you need to know about HITRUST v11
HITRUST v11 is finally here. In this blog post, Coalfire HITRUST experts provide guidance to address the key details surrounding the transition timelines and what organizations can expect with the latest version...
mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations
MariaDB through 10.5.9 allows a sqlparse.cc application crash because of incorrect usedtables expectations...
mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations
MariaDB through 10.5.9 allows a sqlparse.cc application crash because of incorrect usedtables expectations...
Private 5G Network Security Expectations Part 2
The importance of proof of “security” concepts in private 5G networks: Are verifications of system operations and new functions sufficient for your proof of concept in private wireless networks?...
The Myths of Ransomware Attacks and How To Mitigate Risk
Today's modern companies are built on data, which now resides across countless cloud apps. Therefore preventing data loss is essential to your success. This is especially critical for mitigating against rising ransomware attacks — a threat that 57% of security leaders expect to be compromised by...
Locust Stored Cross-site Scripting Vulnerability
A stored cross-site scripting XSS vulnerability affects the Web UI in Locust before 1.3.2, if the installation violates the usage expectations by exposing this UI to outside users...
What Generation Z can teach us about cybersecurity
Girl Security National Security Fellows Program fellow Amulya, a 17-year-old interested in countering online disinformation, said she feels her sense of personal privacy has been largely nonexistent “growing up in a media-saturated world.” She believes her sense of privacy was stolen by a...
What Generation Z can teach us about cybersecurity
Girl Security National Security Fellows Program fellow Amulya, a 17-year-old interested in countering online disinformation, said she feels her sense of personal privacy has been largely nonexistent “growing up in a media-saturated world.” She believes her sense of privacy was stolen by a...