Linux Distros Unpatched Vulnerability : CVE-2024-58036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::Dropbox::API 1.9 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic...

CVE-2024-56370 Net::Xero 0.044 and earlier for Perl uses insecure rand() function for cryptographic functions

Net::Xero 0.044 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Net::Xero uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Rand...

DEBIAN-CVE-2024-58036

Net::Dropbox::API 1.9 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Net::Dropbox::API uses the Data::Random library which specifically states that it is "Useful mostly for test...

AZL-56333 CVE-2025-21683 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfskselectreuseport memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SOATTACHREUSEPORTEBPF set before it was ESTABLISHED. In other...

The joy of phishing your employees

Many companies set up phishing test programs for their employees, often as part of a compliance requirement involving ongoing employee education on security topics. The aim of these programs is to train employees on how to spot a malicious link, not click it, and forward it on to the appropriate...