Security Pop Quiz! q434.mp3

News

Packet Storm Security

Security Affairs Looking Glass Cyber
    securingtomorrow.mcafee.com
      Quick Heal Threat Post Naked Security
        ESET CIS
        • CIS Benchmarks November 2024 Update Thu, 07 Nov 2024 09:20:00 -0500
          Here is an overview of the CIS Benchmarks that the Center for Internet Security updated or released for November 2024.
        Malware Patrol SecList MySonicWall

        Critical Infrastructure

        Case Studies

        Tools

        Exploits

        Last 20 Website Defacements - Zone-h

          Press Play to hear the answer!

          Advisories

          • Debian Security Advisory 5804-1 Fri, 08 Nov 2024 17:01:48 GMT
            Debian Linux Security Advisory 5804-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. An anonymous researcher, Q1IQ (@q1iqF) and P1umer discovered that processing maliciously crafted web content may lead to an unexpected process crash. Narendra Bhati discovered that processing maliciously crafted web content may prevent Content Security Policy from being enforced.
          • Ubuntu Security Notice USN-6882-2 Fri, 08 Nov 2024 17:01:35 GMT
            Ubuntu Security Notice 6882-2 - USN-6882-1 fixed vulnerabilities in Cinder. The update caused a regression in certain environments due to incorrect privilege handling. This update fixes the problem. Martin Kaesberger discovered that Cinder incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information.
          • Kernel Live Patch Security Notice LSN-0107-1 Fri, 08 Nov 2024 16:58:45 GMT
            A significant amount of vulnerabilities in the Linux kernel have been resolved that include use-after-free and race conditions.
          • Red Hat Security Advisory 2024-9019-03 Fri, 08 Nov 2024 16:55:21 GMT
            Red Hat Security Advisory 2024-9019-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.
          • Red Hat Security Advisory 2024-9018-03 Fri, 08 Nov 2024 16:55:13 GMT
            Red Hat Security Advisory 2024-9018-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.
          • Red Hat Security Advisory 2024-9017-03 Fri, 08 Nov 2024 16:55:06 GMT
            Red Hat Security Advisory 2024-9017-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.
          • Red Hat Security Advisory 2024-9016-03 Fri, 08 Nov 2024 16:54:57 GMT
            Red Hat Security Advisory 2024-9016-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.
          • Red Hat Security Advisory 2024-9015-03 Fri, 08 Nov 2024 16:54:48 GMT
            Red Hat Security Advisory 2024-9015-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.
          • Red Hat Security Advisory 2024-8690-03 Thu, 07 Nov 2024 15:45:41 GMT
            Red Hat Security Advisory 2024-8690-03 - Red Hat OpenShift Container Platform release 4.13.53 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.
          • Ubuntu Security Notice USN-7088-4 Thu, 07 Nov 2024 15:20:15 GMT
            Ubuntu Security Notice 7088-4 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
          • Ubuntu Security Notice USN-7095-1 Thu, 07 Nov 2024 15:19:59 GMT
            Ubuntu Security Notice 7095-1 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
          • Ubuntu Security Notice USN-7089-3 Thu, 07 Nov 2024 15:19:44 GMT
            Ubuntu Security Notice 7089-3 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
          • Red Hat Security Advisory 2024-8977-03 Thu, 07 Nov 2024 15:17:42 GMT
            Red Hat Security Advisory 2024-8977-03 - An update for the python39:3.9 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.
          • Red Hat Security Advisory 2024-8694-03 Thu, 07 Nov 2024 15:17:34 GMT
            Red Hat Security Advisory 2024-8694-03 - Red Hat OpenShift Container Platform release 4.12.68 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.
          • Gentoo Linux Security Advisory 202411-05 Wed, 06 Nov 2024 19:24:41 GMT
            Gentoo Linux Security Advisory 202411-5 - Multiple vulnerabilities have been discovered in libgit2, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 1.7.2 are affected.
          • Gentoo Linux Security Advisory 202411-04 Wed, 06 Nov 2024 19:24:26 GMT
            Gentoo Linux Security Advisory 202411-4 - A vulnerability has been discovered in EditorConfig Core C library, which may lead to arbitrary code execution. Versions greater than or equal to 0.12.6 are affected.
          • Gentoo Linux Security Advisory 202411-03 Wed, 06 Nov 2024 19:24:11 GMT
            Gentoo Linux Security Advisory 202411-3 - A vulnerability has been discovered in Ubiquiti UniFi, which can lead to local privilege escalation. Versions greater than or equal to 8.5.6 are affected.
          • Gentoo Linux Security Advisory 202411-02 Wed, 06 Nov 2024 19:23:56 GMT
            Gentoo Linux Security Advisory 202411-2 - A vulnerability has been discovered in Flatpak, which can lead to a sandbox escape. Versions greater than or equal to 1.4.10 are affected.
          • Ubuntu Security Notice USN-7088-3 Wed, 06 Nov 2024 19:21:54 GMT
            Ubuntu Security Notice 7088-3 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
          • Gentoo Linux Security Advisory 202411-01 Wed, 06 Nov 2024 19:21:30 GMT
            Gentoo Linux Security Advisory 202411-1 - A vulnerability has been discovered in Neat VNC, which can lead to authentication bypass. Versions greater than or equal to 0.8.1 are affected.
          • Ubuntu Security Notice USN-7093-1 Wed, 06 Nov 2024 19:21:16 GMT
            Ubuntu Security Notice 7093-1 - It was discovered that Werkzeug incorrectly handled multiple form submission requests. A remote attacker could possibly use this issue to cause Werkzeug to consume resources, leading to a denial of service.
          • Debian Security Advisory 5803-1 Wed, 06 Nov 2024 19:19:44 GMT
            Debian Linux Security Advisory 5803-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
          • Red Hat Security Advisory 2024-8935-03 Wed, 06 Nov 2024 19:15:15 GMT
            Red Hat Security Advisory 2024-8935-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
          • Red Hat Security Advisory 2024-8929-03 Wed, 06 Nov 2024 19:15:06 GMT
            Red Hat Security Advisory 2024-8929-03 - An update for mod_jk is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include denial of service and information leakage vulnerabilities.
          • Red Hat Security Advisory 2024-8928-03 Wed, 06 Nov 2024 19:14:54 GMT
            Red Hat Security Advisory 2024-8928-03 - An update for mod_jk is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include denial of service and information leakage vulnerabilities.