3370 matches found
golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
A flaw was found in the Go language standard library net/netip. The Is methods (IsPrivate, IsPublic, etc.) don't behave properly when working with IPv4-mapped IPv6 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to...
CVE-2024-33960 SQL injection in Janobe products
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'end' in...
Magniber ransomware targets home users
If you’ve been following any news about ransomware, you may be under the impression that ransomware groups are only after organizations rather than individual people, and for the most part that’s true. However, Magniber is one ransomware that does target home users. And it's back, with full force,...
Memory race condition in ssl.SSLContext certificate store methods
...
GHSA-55P7-V223-X366 IdentityServer Open Redirect vulnerability
Impact: It is possible for an attacker to craft malicious URLs that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a URL is returned as a redirect, some browsers will follow it to a third-party, untrusted site. Affected Methods - In the...
@75lb/deep-merge Prototype Pollution vulnerability
Prototype Pollution in 75lb deep-merge 1.1.1 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via merge methods of lodash to merge objects...
CVE-2024-38986
Prototype Pollution in 75lb deep-merge 1.1.1 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via merge methods of lodash to merge objects...
NI VeriStand ProjectServer OpenTool Exposed Dangerous Method Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI VeriStand. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of service requests in the ProjectServer component. The issue results from...
Moderate: Red Hat Security Advisory: security update Logging for Red Hat OpenShift - 5.6.21
Moderate -- Logging for Red Hat OpenShift - 5.6.21. golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)...
Joomla core 3.0.0-3.10.16-elts,4.0.0-4.4.6,5.0.0-5.1.2 - Unauthenticated XSS vectors in Outputfilter::strip* methods vulnerability
Unauthenticated XSS vectors in Outputfilter::strip methods vulnerability discovered by ? in WordPress Core Joomla versions 3.0.0-3.10.16-elts,4.0.0-4.4.6,5.0.0-5.1.2...
[20240805] - Core - XSS vectors in Outputfilter::strip* methods
Joomla! CMS versions 3.0.0-3.10.16-elts, 4.0.0-4.4.6, 5.0.0-5.1.2...
Moderate: Red Hat Security Advisory: security update Logging for Red Hat OpenShift - 5.8.9
Moderate -- Logging for Red Hat OpenShift - 5.8.9. golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)...
Citrix Virtual Apps and Desktops: Authentication
Introduction: This article is a summary of the top support articles and Product Documents related to Citrix Virtual Apps and Desktops Authentication Methods. The most commonly used support articles and guides are below. It is recommended that all customers refer to the product documentation for...
Citrix Daas - Authentication
Introduction: This article is a summary of the top support articles and Product Documents related to Citrix DaaS Authentication Methods. The most commonly used support articles and guides are below. It is recommended that all customers refer to the product documentation for configuration related...
Alternate Method to Reverse Image Provisioning Services vDisks (XenServer Direct VHD Boot)
This article describes an alternate method to Reverse Image Provisioning Services vDisks (XenServer Direct VHD Boot). Note: Reverse imaging a Provisioning Services (PVS) vDisk is not the only way to get a vDisk back to your hypervisor for updates. This article explains the versatility associated wit...
XenServer - Overview of Disaster Recovery Options
This article provides an overview of different backup/restore methods available in XenServer for Virtual Machine Metadata. Background: Backup/Restore or Site Recover/Disaster Recovery options in XenServer have evolved over recent product versions. This document briefly explains those options...
RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle (MitM) attacks and bypass integrity checks under certain circumstances. "The RADIUS protocol allo...
The vulnerability of the web server used by the monitoring and network traffic analysis software in SINEC Traffic Analyzer allows a perpetrator to gain access to modify arbitrary files.
The vulnerability of the web server used by the monitoring and network traffic analysis software in SINEC Traffic Analyzer is related to the use of dangerous HTTP methods. Exploiting this vulnerability can allow a malicious actor to remotely access and modify arbitrary files...
3 New State-Backed Gangs Target Govt Sectors with HEAT Attack Methods
Global cyber gangs are evolving rapidly, wielding advanced techniques and enjoying state sponsorship. Menlo Security’s latest report exposes…...
Malicious code in auto-scaling_methods (RubyGems)
--- -= Per source details. Do not edit below this line.=-...