EUVD-2016-1788

Malware in sbrugna...

ROS-20241015-13

A vulnerability in the libceph component of the Linux kernel is related to incorrect input validation of the in the getreply and prepnextsparseread functions in net/ceph/osdclient.c, in the decrypttail and preparereadtailplain in net/ceph/messengerv2.c, in sizeoffooter, readpartialsparsemsgdata,...

ROS-20240329-04

ASP.NET Core software platform vulnerability is due to security configuration errors. Exploitation The exploitation of the vulnerability may allow an intruder to disclose protected information...

Advisory ROSA-SA-2023-2232

Software: firefox 102.14.0 OS: rosa-server79 packageevrstring: firefox-102.14.0-3.res7.x8664.rpm CVE-ID: CVE-2023-3417 BDU-ID: 2023-03965 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Thunderbird email client exists due to improper handling of the Unicode character for overriding text directio...

The vulnerability of the BitLocker data protection function of the Microsoft Windows operating system, which allows a hacker to bypass the authentication process

The vulnerability of the BitLocker data protection function in the Microsoft Windows operating system is related to security configuration errors. Exploiting this vulnerability can allow an attacker to bypass the authentication process...

The vulnerabilities of NETGEAR Wi-Fi router software models D7800, EX6250, EX7700, LBR20, RBS50Y, R8900, R9000, XR450, XR500, XR700, EX7320, RAX120, EX7300v2, RAX120v2, EX6410, RBR10, RBR20, RBR40, RBR50, and EX6420, RBS10, RBS20, RBS40, RBS50, EX6400v2, RBK12, RBK20, RBK40, RBK50 stem from security configuration errors. These errors allow attackers to compromise the integrity, accessibility, and confidentiality of protected information.

The vulnerabilities of NETGEAR Wi-Fi router software models D7800, EX6250, EX7700, LBR20, RBS50Y, R8900, R9000, XR450, XR500, XR700, EX7320, RAX120, EX7300v2, RAX120v2, EX6410, RBR10, RBR20, RBR40, RBR50, and EX6420, RBS10, RBS20, RBS40, RBS50, EX6400v2, RBK12, RBK20, RBK40, RBK50 are related to...

CLSA-2021-1632262221 Fix of CVE: CVE-2020-8517, CVE-2021-28651, CVE-2020-15049, CVE-2020-8449, CVE-2020-8450, CVE-2020-24606, CVE-2020-25097, CVE-2020-11945, CVE-2020-14058

CVE-2020-15049: fix incorrect validation of Content-Length field leading to Http smuggling and Poisoning attack - CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of service - CVE-2020-25097: fix improper input validation allowing HTTP smuggling from trusted client -...

The vulnerability of Huawei’s mobile phone microprogramming software, related to security mechanism errors, allows a perpetrator to gain unauthorized access to protected data.

The vulnerability of Huawei’s mobile phone microprogramming software is related to security mechanism errors. Exploiting this vulnerability can allow a hacker to gain unauthorized access to protected data...

Verizon DBIR: Web App Attacks and Security Errors Surge

Verizon’s 2020 Data Breach Investigations Report DBIR, released Tuesday, analyzed 32,002 security incidents and 3,950 data breaches to sniff out the top causes of data breaches over the past year. While cyber-espionage attacks and malware decreased, other trends, such as security “errors” cloud...

Navigating an Uncharted Future, Bug Bounty Hunters Seek Safe Harbors

When researcher Kevin Finisterre found a security error in drone-maker DJI’s systems enabling him to access flight log data and images of customers, he thought he had hit the $30,000 jackpot as part of the drone company’s newly announced bug bounty program. Instead, when the incident occurred in...

opera to 12.01 (important)

Opera was updated to version 12.1, fixing various bugs and security issues. http://www.opera.com/docs/changelogs/unix/1201/ Fixes and Stability Enhancements since Opera 12.00 General and User Interface Several general fixes and stability improvements Website thumbnail memory usage improvements...