Red Hat Security Advisory 2024-0832-03
Red Hat Security Advisory 2024-0832-03 - Red Hat OpenShift Container Platform release 4.12.50 is now available with updates to packages and images that fix several bugs. Issues addressed include denial...
View ArticleRed Hat Security Advisory 2024-0837-03
Red Hat Security Advisory 2024-0837-03 - Red Hat OpenShift Container Platform release 4.14.13 is now available with updates to packages and images that fix several bugs and add enhancements.
View ArticleWEBIGniter 28.7.23 Cross Site Scripting
WEBIGniter version 28.7.23 suffers from a persistent cross site scripting vulnerability.
View ArticleRed Hat Security Advisory 2024-0845-03
Red Hat Security Advisory 2024-0845-03 - Red Hat OpenShift Container Platform release 4.13.34 is now available with updates to packages and images that fix several bugs and add enhancements. Issues...
View ArticleRed Hat Security Advisory 2024-0930-03
Red Hat Security Advisory 2024-0930-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow, null pointer, out of...
View ArticleNFC Relay Attack On Tesla Model Y
This paper will walk you through the proof-of-concept and technical details of exploitation for IOActive's recent NFC relay attack on the newest Tesla vehicle, the Model Y. To successfully carry out...
View ArticleITFlow Cross Site Request Forgery
ITFlow versions prior to commit 432488eca3998c5be6b6b9e8f8ba01f54bc12378 suffer from a cross site request forgery vulnerability.
View ArticleUbuntu Security Notice USN-6645-1
Ubuntu Security Notice 6645-1 - It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform reference counting in some error conditions. A local...
View ArticleFuelflow 1.0 SQL Injection
Fuelflow version 1.0 suffers from a remote SQL injection vulnerability.
View ArticleWordPress 6.4.3 Username Disclosure
WordPress versions 6.4.3 and below appear to suffer from a REST API related username disclosure vulnerability.
View ArticleUbuntu Security Notice USN-6584-2
Ubuntu Security Notice 6584-2 - USN-6584-1 fixed several vulnerabilities in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update provides the corresponding updates for CVE-2021-33912 andCVE-2021-33913 in...
View ArticleIvanti Connect Secure Unauthenticated Remote Code Execution
This Metasploit module chains a server side request forgery (SSRF) vulnerability (CVE-2024-21893) and a command injection vulnerability (CVE-2024-21887) to exploit vulnerable instances of either Ivanti...
View ArticleYealink Configuration Encrypt Tool Static AES Key
A single, vendorwide, hardcoded AES key in the Yealink Configuration Encrypt Tool used to encrypt provisioning documents was leaked leading to a compromise of confidentiality of provisioning documents.
View ArticleUbuntu Security Notice USN-6646-1
Ubuntu Security Notice 6646-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to...
View ArticleUbuntu Security Notice USN-6647-1
Ubuntu Security Notice 6647-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to...
View ArticleOpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation
OpenOLAT versions 18.1.4 and below and versions 18.1.5 and below suffer from multiple persistent cross site scripting vulnerabilities.
View ArticleBotan C++ Crypto Algorithms Library 2.19.4
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate...
View ArticleBotan C++ Crypto Algorithms Library 3.3.0
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate...
View Article
