ROS-20241211-02

CREATE POLICY row-protected table security policy vulnerability in the PostgreSQL database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...

FIN7 Group Advertises Security-Bypassing Tool on Dark Web Forums

The financially motivated threat actor known as FIN7 has been observed using multiple pseudonyms across several underground forums to likely advertise a tool known to be used by ransomware groups like Black Basta. "AvNeutralizer aka AuKill, a highly specialized tool developed by FIN7 to tamper wi...

Exploit for Improper Ownership Management in Debian Debian_Linux

README gcc -Wall exp.c pkg-config fuse --cflags --libs...

Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to bypassing security restrictions, denial of service attacks, and data integrity impacts due to multiple vulnerabilities.

Summary IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i are vulnerable to bypassing security restrictions, denial of service attacks, and allowing an unauthenticated attacker to modify data as seen in the vulnerability details section CVE-2022-3676,...

Microsoft Translation Bugs Open Edge Browser to Trivial UXSS Attacks

Microsoft patched two bugs in its Chromium-based Edge browser last week, one of which could be used by an attacker to bypass security and to remotely inject and execute arbitrary code on any website just by sending a message. That security-bypassing bug, CVE-2021-34506, is rated CVSS 5.4, or...