Unisoc (Shanghai) Technologies Co., Ltd. Security Vulnerabilities

Scaling Security Operations with Automation

In an increasingly complex and fast-paced digital landscape, organizations strive to protect themselves from various security threats. However, limited resources often hinder security teams when combatting these threats, making it difficult to keep up with the growing number of security incidents.....

RedHat Update for tomcat RHSA-2017:3081-01

The remote host is missing an update for...

RedHat Update for tomcat6 RHSA-2015:0991-01

The remote host is missing an update for...

Powering the future of ThreatDown with AI

Nobody can deny the influence of AI today. In just a few years, we have observed AI's capacity to be as transformative as the internet and smartphones, especially for cybersecurity. Indeed, the potential of AI to radically simplify complex security environments is unmistakable, and aligns closely.....

RedHat Update for tomcat6 RHSA-2014:1038-01

The remote host is missing an update for...

RedHat Update for tomcat6 RHSA-2014:0429-01

The remote host is missing an update for...

RedHat Security Advisory RHSA-2009:1563

The remote host is missing updates announced in advisory RHSA-2009:1563. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was discovered that the Red Hat Security Advisory RHSA-2008:0195 did not address all possible flaws in the way Tomcat...

RedHat Update for tomcat6 RHSA-2014:0865-01

The remote host is missing an update for...

Arbitrary File Download Vulnerability in DSS of Zhejiang Dahua Technology Co.(CNVD-2024-10023)

Zhejiang Dahua Technology Co., Ltd. is a supplier of surveillance products and solution service provider. Zhejiang Dahua Technology Co., Ltd DSS has an arbitrary file download vulnerability that can be exploited by attackers to obtain sensitive...

RedHat Update for tomcat6 RHSA-2017:3080-01

The remote host is missing an update for...

RedHat Update for tomcat RHSA-2014:0827-01

The remote host is missing an update for...

DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions

The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of two co-founders of a cryptocurrency mixer called Samourai and seized the service for allegedly facilitating over $2 billion in illegal transactions and for laundering more than $100 million in criminal proceeds. To that end,....

Why CISA is Warning CISOs About a Breach at Sisense

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense....

RedHat Update for tomcat RHSA-2017:2247-01

The remote host is missing an update for...

RedHat Update for tomcat6 RHSA-2011:0791-01

The remote host is missing an update for...

RedHat Update for java-1.7.0-openjdk RHSA-2015:1230-01

The remote host is missing an update for...

RedHat Update for tomcat RHSA-2017:0935-01

The remote host is missing an update for...

RedHat Update for tomcat5 RHSA-2011:1845-01

The remote host is missing an update for...

Karaf v4.4.3 Console - Remote Code Execution Exploit

...

RedHat Update for tomcat6 RHSA-2017:0527-01

The remote host is missing an update for...

RedHat Update for tomcat5 RHSA-2012:0474-01

The remote host is missing an update for...

RedHat Update for tomcat RHSA-2014:0686-01

The remote host is missing an update for...

RedHat Update for tomcat5 RHSA-2013:0870-01

The remote host is missing an update for...

RedHat Update for tomcat6 RHSA-2011:1780-01

The remote host is missing an update for...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-536) (Spectre)

The openSUSE Leap 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-13406: An integer overflow in the uvesafb_setcmap function could have result in local attackers being able to crash the kernel or potentially elevate...

CVE-2024-23823

vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. The vantage6 server has no restrictions on CORS settings. It should be possible for people to set the allowed origins of the server. The...

CVE-2024-23823

vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. The vantage6 server has no restrictions on CORS settings. It should be possible for people to set the allowed origins of the server. The...

Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator

The U.K. National Crime Agency (NCA) has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a 31-year-old Russian national named Dmitry Yuryevich Khoroshev. In addition, Khoroshev has been sanctioned by the U.K. Foreign, Commonwealth and Development...

RedHat Update for tomcat RHSA-2016:2046-01

The remote host is missing an update for...

CVE-2024-23823 CORS settings overly permissive in vantage6

vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. The vantage6 server has no restrictions on CORS settings. It should be possible for people to set the allowed origins of the server. The...

U.S. Government Releases New AI Security Guidelines for Critical Infrastructure

The U.S. government has unveiled new security guidelines aimed at bolstering critical infrastructure against artificial intelligence (AI)-related threats. "These guidelines are informed by the whole-of-government effort to assess AI risks across all sixteen critical infrastructure sectors, and...

Fortinet FortiOS and FortiProxy Null Pointer Dereference Vulnerability (CNVD-2024-13092)

Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a secure network proxy that protects employees from cyberattacks by combining a variety of detection technologies, such as Web filtering, DNS filtering, DLP, anti-virus,...

CVE-2024-24770

vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. Much like GHSA-45gq-q4xh-cp53, it is possible to find which usernames exist in vantage6 by calling the API routes /recover/lost and /2fa/lost.....

Fedora: Security Advisory for jakarta-annotations (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for...

Exploit for NULL Pointer Dereference in Gpac

...

How to protect yourself from online harassment

It takes a little to receive a lot of online hate today, from simply working as a school administrator to playing a role in a popular movie or video game. But these moments of personal crisis have few, immediate solutions, as the current proposals to curb and stem online harassment zero in on the.....

Fortinet FortiOS and FortiProxy Out-of-Bounds Write Vulnerability

Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a secure network proxy that protects employees from cyberattacks by combining a variety of detection technologies, such as Web filtering, DNS filtering, DLP, anti-virus,...

RedHat Security Advisory RHSA-2009:1164

The remote host is missing updates announced in advisory RHSA-2009:1164. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was discovered that the Red Hat Security Advisory RHSA-2007:0871 did not address all possible flaws in the way Tomcat...

Fedora: Security Advisory for forge-parent (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for...

RedHat Update for tomcat RHSA-2016:2599-02

The remote host is missing an update for...

CVE-2023-6241

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

Red Hat JBoss Multiple Products Detection (HTTP)

HTTP based detection of multiple Red Hat JBoss...

CVE-2023-6241

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

CVE-2023-6241 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

RedHat Security Advisory RHSA-2009:1562

The remote host is missing updates announced in advisory RHSA-2009:1562. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was discovered that the Red Hat Security Advisory RHSA-2007:0876 did not address all possible flaws in the way Tomcat...

CVE-2023-6143

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

CVE-2023-6143

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

CVE-2023-6143 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies

German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants were not disclosed by the Office of the Federal Prosecutor (aka Generalbundesanwalt), but it includes Herwig F., Ina F., and Thomas R. "The suspects...

Design/Logic Flaw

lestrrat-go/jwx is a Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE) technologies. A p2c parameter set too high in JWE's algorithm PBES2-* could lead to a denial of service. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called...