17 matches found
GHSA-FCVX-5CXC-V5P8 OpenClaw: Slack reaction events could ignore reaction notification settings
Summary Slack reaction events could ignore reaction notification settings. In affected versions, a Slack reaction event delivered to the configured app could enter the agent pipeline even when reaction notifications were disabled. This advisory is scoped to the named feature and configuration. It...
net/rsync -- multiple vulnerabilities
The rsync project reports: Six CVEs are fixed in this release. All six are assigned by VulnCheck as CNA. Affected versions are 3.4.2 and earlier in every case. In addition to the six CVE fixes, this release adds defence-in-depth hardening on several adjacent paths: bounded wire-supplied counts an...
EUVD-2025-27294
Malicious code in bioql PyPI...
CVE-2025-55234
SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against...
CVE-2025-55234
SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against...
Windows SMB Elevation of Privilege Vulnerability
SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against...
PT-2025-36891
Name of the Vulnerable Software and Affected Versions Windows Server Message Block SMB versions prior to September 2025 Patch Tuesday Description The SMB Server may be susceptible to relay attacks depending on the configuration. Successful exploitation of this issue could allow an attacker to...
KB5065509: Windows Server 2012 Security Update (September 2025)
The remote Windows host is missing security update 5065509. It is, therefore, affected by multiple vulnerabilities - SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make t...
SUSE-SU-2025:02248-1 Security update for python-Django
This update for python-Django fixes the following issues: - CVE-2025-48432: Add an additional hardening for CVE-2025-48432 bsc1244095...
About Remote Code Execution – 7-Zip (BDU:2025-01793) vulnerability
About Remote Code Execution - 7-Zip BDU:2025-01793 vulnerability. It's about the fact that files unpacked using 7-Zip don't get the Mark-of-the-Web. As a result, Windows security mechanisms don't block the execution of the unpacked malware. If you remember, there was a similar vulnerability in...
Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack
Cisco on Wednesday said it has released updates to address an actively exploited security flaw in its Adaptive Security Appliance ASA that could lead to a denial-of-service DoS condition. The vulnerability, tracked as CVE-2024-20481 CVSS score: 5.8, affects the Remote Access VPN RAVPN service of...
How to Mitigate Microsoft Windows 10, 11 SeriousSAM Vulnerability
Microsoft Windows 10 and Windows 11 users are at risk of a new unpatched vulnerability that was recently disclosed publicly. As we reported last week, the vulnerability — SeriousSAM — allows attackers with low-level permissions to access Windows system files to perform a Pass-the-Hash and...
openSUSE Security Update : openvpn (openSUSE-2017-717) (SWEET32)
This update for openvpn fixes the following issues : - CVE-2016-6329: Show which ciphers should no longer be used in openvpn --show-ciphers bsc995374 - CVE-2017-7478: openvpn: Authenticated user can DoS server by using a big payload in PCONTROL bsc1038709 - CVE-2017-7479: openvpn: Denial of Servi...
[SECURITY] [DSA 3035-1] bash security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3035-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 25, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3035-1] bash security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3035-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 25, 2014 http://www.debian.org/security/faq -...
Lynis 1.5.9 - Security auditing tool for Unix/Linux systems
Lynis is an open source security auditing tool. Primary goal is to help users with auditing and hardening of Unix and Linux based systems. The software is very flexible and runs on almost every Unix based system including Mac. Even the installation of the software itself is optional! How it works...
Google Fixes Second Set of Chrome Bugs Used in Pwnium Contest
Google has pushed out a patch for the second full sandbox escape exploit used in the Pwnium contest at CanSecWest. The Chrome vulnerabilities that the exploit targeted were discovered by an anonymous researcher who used the name PinkiePie and claimed a $60,000 reward from Google. The attack that...