[SECURITY] [DLA 4404-1] linux security update

Debian LTS Advisory DLA-4404-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings December 12, 2025 https://wiki.debian.org/LTS Package : linux Version : 5.10.247-1 CVE ID : CVE-2023-53498 CVE-2024-47666 CVE-2024-50143 CVE-2024-57947 CVE-2025-21861 CVE-2025-21887...

PT-2025-31956 · Undefined · Undefined

Hi, I run a following script for a vulnerability test for my home network; nmap 192.168.1.1/24 -n -sP |rg -o "192." scan.txt nmap -sV --script vulners --script-args mincvss=7.0 -iL scan.txt Then I get this Vulner output in port 80; Nmap scan report for 192.168.1.5 Host is up 0.00021s latency. Not...

Advisory ROSA-SA-2025-2804

Software: httpd 2.4.37 OS: ROSA Virtualization 3.0 packageevrstring: httpd-2.4.37-65.rv30.3 CVE-ID: CVE-2023-31122 BDU-ID: 2023-07124 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the modmacro module of the Apache HTTP Server web server involves reading beyond memory boundaries. Exploitation of th...

Advisory ROSA-SA-2025-2556

Software: cups-filters 1.0.35 OS: rosa-server79 packageevrstring: cups-filters-1.0.35-29.0.2.res7 CVE-ID: CVE-2024-47176 BDU-ID: 2024-07643 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cups-browsed daemon of the CUPS print server is associated with the use of dangerous methods or functions...

Wordfence Intelligence Weekly WordPress Vulnerability Report (December 9, 2024 to December 15, 2024)

Time to wrap up this year and kick-off the new year with a bang! We’re wrapping up the year with ourEnd of Year Holiday Extravaganza , High-Risk Bonus Blitz Challenge , and Superhero Challenge for the Wordfence Bug Bounty Program. Through January 6th, 2025: All in-scope vulnerability types for...

Wordfence Intelligence Weekly WordPress Vulnerability Report (December 2, 2024 to December 8, 2024)

Time to wrap up this year and kick-off the new year with a bang! We’re wrapping up the year with ourEnd of Year Holiday Extravaganza , High-Risk Bonus Blitz Challenge , and Superhero Challenge for the Wordfence Bug Bounty Program. Through January 6th, 2025: All in-scope vulnerability types for...

Top MITRE ATT&CK Tactics and Techniques Leveraged in 2023

The Qualys Threat Research Unit has mapped vulnerabilities and misconfigurations to the MITRE ATT&CK framework tactics and techniques to help you get the attacker’s view. They have also analyzed vulnerabilities and misconfigurations across all our customers to find the top tactics and techniques...

Threat and vulnerability management - No time for complacency

There was some very good news in Coalfires 4th Annual Penetration Risk Report. Most notable was that high-risk vulnerabilities have been cut almost in half since 2018 when we first began reporting our pen testing research derived from thousands of direct client engagements. Also of note, the larg...

Keeping Up with Biden Administration Cybersecurity Mandates

With Wednesday’s sweeping cybersecurity mandates issued by the Biden administration, patching Common Vulnerabilities and Exposures CVEs are top of mind — for both federal and private-sector companies alike — to help prevent damaging intrusions. Intensifying the pressure surrounding the latest rou...

Stable Channel Update for Desktop

The stable channel has been updated to 86.0.4240.183 for Windows, Mac & Linux which will roll out over the coming days/weeks. A list of all changes is available in the log. Interested in switching release channels?Find out how. If you find a new issue, please let us know by filing a bug. The...

Apache Struts2 high-risk vulnerabilities cause the Enterprise Server is the invasion mounted KoiMiner mining Trojan-vulnerability warning-the black bar safety net

0×1 Overview Many business websites use the Apache open source project to build a http server, which is most of the use of the Apache sub-project of Struts in. But since the Apache Struts2 Product code there are more risks, beginning in 2007, Struts2 will frequently broke multiple high-risk...

Wages table actually into hacking weapons Flash emergency patch-bug warning-the black bar safety net

6 month 7 day night, the official Adobe announcement, announced the emergency release security patches fix latest be found the Flash of high-risk vulnerabilities, and the discovery of this vulnerability using the 360 core security advanced Threat Response Team public Acknowledgements. As the...

360 security browser to fix more Chrome kernel vulnerabilities and plugging the hacking of door-vulnerability warning-the black bar safety net

Recently, a new version of 360 browser first to fix the Google Chrome kernel exposed a number of security vulnerabilities, of which more than half of the vulnerabilities are high-risk vulnerability that could be used for arbitrary code execution or DoS attacks. Since the 360 browser uses IE and...

Cisco product experience serious vulnerability, resulting in a large number of devices is facing a remote risk of attack-vulnerability warning-the black bar safety net

! Cisco in their IOS software that patches over 30 vulnerabilities, including a serious remote code execution vulnerability, the vulnerability can be hundreds of thousands of even millions of devices exposed on the network device initiates a remote attack. A total of three vulnerabilities are rat...

Foxit PDF reader there 2 at high-risk vulnerabilities, the vendor has refused to fix? - Vulnerability warning-the black bar safety net

Use Foxit Foxit PDF reader's user to pay special attention to the security researchers which discovered two serious 0day vulnerability, such as not the reader is configured in the secure read mode open file, it would let the attacker on the target computer to execute arbitrary code. Foxit company...

Interpretation of the Lenovo preinstalled programs LSC of the three CVE high-risk vulnerabilities-vulnerability warning-the black bar safety net

! Lenovo PC comes with the program Lenovo Solution Center LSC once in the last year was broke serious security issues. Recently, the program of the plurality of security lead to a three CVE high-risk vulnerabilities three vulnerabilities allow the attacker to achieve providing the right to operat...

Hack, the leader of the” TK found vulnerabilities “Bad Tunnel” can hijack the network traffic, privilege escalation, affecting all versions of Windows-vulnerability warning-the black bar safety net

Did find last night the computer suddenly is the background to occupy a lot of bandwidth, causing the network speed to slow down. This is a Windows and on a massive bug fix update. Where there are two high-risk vulnerabilities for windows95 to Windows 10 will have an impact that can almost be...

Struts2 official re-aeration two high-risk vulnerabilities, there are currently no POC-the exploit-warning-the black bar safety net

! Struts2 some time ago before they broke up s2-0 3 2 high risk vulnerabilities, at the time led to the global use of the Struts2 architecture of the website, almost no one is immune to this security disaster. But in the 6 on 1 December, the global children's joy Festival, the Struts's official...

Through the NVD vulnerability database to see recent vulnerability trends-vulnerability warning-the black bar safety net

2 0 1 6 years has been in the past less than half it's time over the past few years, the vulnerability analysis. The present article will be on the NVD vulnerability database over the last 5 years vulnerability analysis, look at the vulnerability of the development trend is like. Why the choice o...

OpenSSL CVE-2 0 1 6-0 8 0 0 and CVE-2 0 1 6-0 7 0 3 bug fixes the details of pick-up fun-vulnerability warning-the black bar safety net

1. Primer Have been recently and 3 6 0 Nirvan Team DQ430 happy to participate in a encryption vendors of the annual General meeting, the results of openssl is also out of touch lively, maybe really in order to DH brother sent the gift, bitter us these security operations. Thanks to Shawn for...