18 matches found
How to better protect your growing business in an AI-powered world
AI is rapidly reshaping how work gets done in companies and organizations. In celebrating National Small Business Month, we want to acknowledge the unique challenges that growing business leaders face as AI creates both opportunity and risk. They face constant tradeoffs between moving fast,...
Security update for openjpeg2
This update for openjpeg2 fixes the following issues: CVE-2023-39327: Fixed malicious files can cause a large loop that continuously prints warning messages on the terminal bsc1227412. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
eopkg Security Vulnerability
eopkg is an open source package manager from GetSolus. A security vulnerability exists in eopkg versions prior to 4.4.0, which stems from the possibility that a malware package may contain files that are not tracked by eopkg, resulting in the relevant tools being unable to display these files...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
The vulnerability of the MySQL Data Source Handler component of the Apache Linkis application connection, management, and orchestration software allows an attacker to execute arbitrary code.
The vulnerability of the MySQL Data Source Handler component of the Apache Linkis connection management and orchestration software lies in defects in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing specially crafted...
The vulnerability of the CI/CD pipeline editor of a Git-based software platform for collaborative code development on GitLab allows a hacker to trigger a service failure.
The vulnerability of the CI/CD pipeline editor of a Git-based software platform for collaborative code development on GitLab is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using specially created malware...
The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to the issue of operations occurring outside the buffer in memory. This allows attackers to gain unauthorized access to protected information.
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 is related to the issue of operations going beyond the buffer in memory when processing embedded fonts. Exploiting thi...
The vulnerability of Microsoft Edge and Google Chrome browsers, related to the lack of measures taken to protect the structure of web pages, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge and Google Chrome lies in the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out spear-phishing attacks by opening specially created malware files or specially created malicious link...
The vulnerability of Huawei FLMG-10 Bluetooth speakers’ microprogramming software, related to authentication mechanisms that lack sufficient protection, allows attackers to gain full control over the device.
The vulnerability of Huawei FLMG-10 Bluetooth speakers’ microprogramming software is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow attackers to gain full control over the device by loading specially created malware files...
The vulnerability of the software package for creating human-machine interfaces, Advantech WebAccess HMI Designer, relates to writing beyond the buffer memory boundaries, allowing an attacker to execute arbitrary code.
The vulnerability of the software package for creating human-machine interfaces, Advantech WebAccess HMI Designer, is related to writing code beyond the buffer memory boundaries. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system using specially...
maltran - Tool To Download Malware Exercises From MALware-TRaffic-ANalysis.net
This tool was developed with the purpose of furthering and organizing access to traffic analysis exercises and malware files captured and published almost daily. Maltran makes viewing and downloading exercises and malspam easier in an extremely simple and organized way. Visit website...
Malware Can Bypass Chrome Extension Security Feature Easily
Researchers have uncovered a new social engineering trick that leads users to a malicious Google Chrome extension that pretends to deliver Adobe’s Flash Player in order to lure victims into a click fraud campaign. Security experts at TrendMicro believe that the malware is triggered by opening...
openSUSE Security Update : chromium (openSUSE-SU-2014:0243-1)
Chromium was updated to version 32.0.1700.102: Stable channel update : - Security Fixes : - CVE-2013-6649: Use-after-free in SVG images - CVE-2013-6650: Memory corruption in V8 - and 12 other fixes - Other : - Mouse Pointer disappears after exiting full-screen mode - Drag and drop files into...
SuSE Update for chromium openSUSE-SU-2014:0243-1 (chromium)
Check for the Version of chromium OpenVAS Vulnerability Test $Id: gbsuse201402431.nasl 8044 2017-12-08 08:32:49Z santu $ SuSE Update for chromium openSUSE-SU-2014:0243-1 chromium Authors: System Generated Check Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This...
chromium to 32.0.1700.102 (important)
Chromium was updated to version 32.0.1700.102: Stable channel update: - Security Fixes: CVE-2013-6649: Use-after-free in SVG images CVE-2013-6650: Memory corruption in V8 and 12 other fixes - Other: Mouse Pointer disappears after exiting full-screen mode Drag and drop files into Chromium may not...
CVE-2006-3830
The Languages selection in the admin interface in Kailash Nadh boastMachine formerly bMachine 3.1 and earlier allows remote authenticated administrators to upload files with arbitrary extensions to the bmc/Inc/Lang directory. NOTE: because the uploaded files cannot be accessed through HTTP, this...