Aggregator

主站 分类 漏洞 工具 极客

A vulnerability classified as critical has been found in Dmv.ca.gov CA DMV 2.0. This affects an unknown part of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2014-5866. Access to the local network is required for this attack. There is no exploit available.

速修复

速修复

产品已达生命周期

Cyberint claims that initial access brokers target companies with average revenue of nearly $2bn

Первые признаки взлома появляются лишь спустя месяцы после атаки.

A vulnerability was found in Hiox India Guest Book up to 4.0 and classified as critical. Affected by this issue is some unknown functionality of the file gb.php. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2007-1998. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Ask.com 2.2.5. It has been rated as critical. Affected by this issue is some unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is handled as CVE-2014-5865. The attack needs to be initiated within the local network. There is no exploit available.

A recent discovery has exposed critical vulnerabilities in the Dovecot mail server, potentially allowing attackers to exploit the IMAP implementation and disrupt service. These vulnerabilities, identified as CVE-2024-23184 and CVE-2024-23185, can lead to denial-of-service (DoS) attacks by overwhelming the server with excessive address headers or very large headers. Dovecot is a popular open-source IMAP and […]

The post Debian Patches Two Dovecot Vulnerabilities appeared first on TuxCare.

The post Debian Patches Two Dovecot Vulnerabilities appeared first on Security Boulevard.

Singapore, Singapore, September 4th, 2024, CyberNewsWireBlackwired, the leading cyber observatory

Would a more robust cybersecurity posture impact premium costs? Does the policy offer legal cover? These are some of the questions organizations should consider when reviewing their cyber insurance options

Samba is the standard suite of programs that enables seamless interoperability between Linux/Unix and Windows systems. Version 4.21 has been officially released. Hardening In previous versions of Samba, if a user or group name in either option could not be resolved to a valid SID, the user (or group) would be skipped without any notification. This could result in unexpected and insecure behavior. Starting with this version of Samba, if any user or group name … More →

The post Samba 4.21 comes with upgraded security features appeared first on Help Net Security.

США ужесточат условия безопасности цепочек поставок ПО.

A vulnerability, which was classified as problematic, was found in LinuxOSsk Shakal-NG up to 1.3.3. Affected is an unknown function of the file comments/views.py. The manipulation of the argument next leads to open redirect. This vulnerability is traded as CVE-2024-8412. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

Submit #401770 / VDB-276224

A vulnerability, which was classified as problematic, has been found in ABCD ABCD2 up to 2.2.0-beta-1. This issue affects some unknown processing of the file /buscar_integrada.php. The manipulation of the argument Sub_Expresion leads to cross site scripting. The identification of this vulnerability is CVE-2024-8411. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as problematic was found in ABCD ABCD2 up to 2.2.0-beta-1. This vulnerability affects unknown code of the file /abcd/opac/php/otros_sitios.php. The manipulation of the argument sitio leads to path traversal. This vulnerability was named CVE-2024-8410. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as problematic has been found in ABCD ABCD2 up to 2.2.0-beta-1. This affects an unknown part of the file /common/show_image.php. The manipulation of the argument image leads to path traversal: '../filedir'. This vulnerability is uniquely identified as CVE-2024-8409. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #400792 / VDB-276492