5 matches found
Imperva defends customers against recent vulnerabilities in Apache OFBiz
On December 26, researchers from SonicWall Capture Labs discovered an authentication bypass vulnerability in Apache OFBiz, tracked as CVE-2023-51467. This bug has a CVSS score of 9.8 and allows attackers to achieve server-side request forgery SSRF by bypassing the program’s authentication. This...
GSD-2023-1001292 x86/MCE/AMD: Clear DFR errors found in THR handler
x86/MCE/AMD: Clear DFR errors found in THR handler This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2023-1000944 x86/MCE/AMD: Clear DFR errors found in THR handler
x86/MCE/AMD: Clear DFR errors found in THR handler This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit...
PT-2023-34369 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.163 Description: A potential security issue has been identified in the Linux Kernel related to the handling of DFR errors in the THR handler on x86/AMD systems. The actual impact and attack plausibility ha...
Twin zero-day attacks: PROMETHIUM and NEODYMIUM target individuals in Europe
Targeted attacks are typically carried out against individuals to obtain intellectual property and other valuable data from target organizations. These individuals are either directly in possession of the targeted information or are able to connect to networks where the information resides...