SUSE: Security Advisory (SUSE-SU-2012:1155-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

HackerOne: Report Bulk endpoint "agree-on-going-public" action may reveal Report disclosure state for invite-only programs

Hello, Hope you are doing well, SUMMARY -In hackerone user doesn't have permission to do any action like "disclosing/undiclosing" in disclosed report. -Here user can send the "cancel-disclosure-request" request to the server and server accepts the request gave 200ok response with ""flash":"The...

Where Bug Bounty Programs Fall Flat

Eavesdropping on the chatter of 600+ cybercriminal forums shows that cybercriminals have specific preferences, shown by the flavors of exploits they requisition, and that the bug bounty programs either are too slow, don’t pay enough or are just the start of profit-making. A year-long study into t...

CVE-2021-31440

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

CVE-2021-31440

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

DEBIAN-CVE-2021-31440

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

CVE-2021-31440

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

Design/Logic Flaw

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

CVE-2021-31440

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

CVE-2021-31440

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

Rapid7's 2021 ICER Takeaways: Vulnerability Disclosure Programs Among the Fortune 500

This blog post covers key takeaways from our 2021 Industry Cyber-Exposure Report ICER: Fortune 500. Every major corporation on Earth is a technology company. It is unthinkable that a business that generates billions of dollars in revenue and employs thousands of workers would not have a significa...

ALEA-2021:1755 new module: swig:4.0

The simplified wrapper and interface generator SWIG is a software development utility to connect C, C++, and Objective C programs with a variety of high-level programming languages. SWIG is used to create high-level interpreted programming environments, systems integration, and as a utility for...

[SECURITY] Fedora 34 Update: kernel-headers-5.11.20-300.fc34

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

How to Get into the Bug-Bounty Biz: The Good, Bad and Ugly

Zero-day disclosures, those known bugs without a fix, can have potentially catastrophic results. One of the best ways to combat them is by discovering them before the bad guys do. Some of the biggest tech brands on the planet have been pummeled by a rash of high-profile zero-day exploits. In the...

Big Cybersecurity Tips For Remote Workers Who Use Their Own Tech

As the total number of people working from home has grown dramatically in the last year or two, so has the number of individuals who use all of their own technology for their jobs. If you're a remote worker who relies on your own PC to get your work done, then you may be at a heightened risk for...

Ransomware Going for $4K on the Cyber-Underground

In the cybercriminal underground, ransomware samples and builders are going for anywhere between $300 to $4,000, with ransomware-as-a-service rentals costing $120 to $1,900 per year. That’s according to an analysis by Kaspersky of the three main underground forums where ransomware is circulated...

[SECURITY] Fedora 32 Update: kernel-headers-5.11.19-100.fc32

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

Earn up to $10K from the Opera Bug Bounty program

Security Earn up to $10K from the Opera Bug Bounty program Share April 30th, 2021 Join the Opera Bug Bounty program, find vulnerabilities in scope, tell us how you did it, and collect rewards. We pay up to $10K for confirmed high-value submissions. Opera has two bug bounty programs operated by...

EulerOS 2.0 SP3 : mariadb (EulerOS-SA-2021-1815)

According to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.46 and prior, 5.7.28 a...

PT-2021-4226 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux Kernel version 5.11.15 Description: This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit th...