
News

        • CIS Benchmarks April 2024 Update Mon, 15 Apr 2024 18:23:00 Z
          Here is an overview of the CIS Benchmarks that the Center for Internet Security updated or released for April 2024.


          Advisories

          • Debian Security Advisory 5673-1 Tue, 23 Apr 2024 16:10:55 GMT
            Debian Linux Security Advisory 5673-1 - Charles Fol discovered that the iconv() function in the GNU C library is prone to a buffer overflow vulnerability when converting strings to the ISO-2022-CN-EXT character set, which may lead to denial of service (application crash) or the execution of arbitrary code.
          • Ubuntu Security Notice USN-6746-1 Tue, 23 Apr 2024 16:02:22 GMT
            Ubuntu Security Notice 6746-1 - It was discovered that Google Guest Agent and Google OS Config Agent incorrectly handled certain JSON files. An attacker could possibly use this issue to cause a denial of service.
          • Debian Security Advisory 5672-1 Tue, 23 Apr 2024 15:59:51 GMT
            Debian Linux Security Advisory 5672-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.
          • Ubuntu Security Notice USN-6728-3 Tue, 23 Apr 2024 15:54:52 GMT
            Ubuntu Security Notice 6728-3 - USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS and was disabled in USN-6728-2. The problematic fix for CVE-2023-5824 has now been corrected and reinstated in this update.
          • Ubuntu Security Notice USN-6743-2 Tue, 23 Apr 2024 15:53:59 GMT
            Ubuntu Security Notice 6743-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
          • Debian Security Advisory 5671-1 Tue, 23 Apr 2024 15:51:03 GMT
            Debian Linux Security Advisory 5671-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.
          • Debian Security Advisory 5670-1 Tue, 23 Apr 2024 15:48:29 GMT
            Debian Linux Security Advisory 5670-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
          • Ubuntu Security Notice USN-6744-2 Tue, 23 Apr 2024 15:43:09 GMT
            Ubuntu Security Notice 6744-2 - USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Pillow in Ubuntu 20.04 LTS. Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
          • Ubuntu Security Notice USN-6744-1 Tue, 23 Apr 2024 15:36:09 GMT
            Ubuntu Security Notice 6744-1 - Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
          • Ubuntu Security Notice USN-6745-1 Tue, 23 Apr 2024 15:35:50 GMT
            Ubuntu Security Notice 6745-1 - It was discovered that in Percona XtraBackup, a local crafted filename could trigger arbitrary code execution.
          • Ubuntu Security Notice USN-6738-1 Tue, 23 Apr 2024 15:35:37 GMT
            Ubuntu Security Notice 6738-1 - Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that LXD incorrectly handled the handshake phase and the use of sequence numbers in SSH Binary Packet Protocol. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass integrity checks.
          • Red Hat Security Advisory 2024-1963-03 Tue, 23 Apr 2024 15:00:35 GMT
            Red Hat Security Advisory 2024-1963-03 - An update for golang is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
          • Red Hat Security Advisory 2024-1962-03 Tue, 23 Apr 2024 15:00:26 GMT
            Red Hat Security Advisory 2024-1962-03 - An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
          • Red Hat Security Advisory 2024-1961-03 Tue, 23 Apr 2024 15:00:09 GMT
            Red Hat Security Advisory 2024-1961-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
          • Red Hat Security Advisory 2024-1960-03 Tue, 23 Apr 2024 15:00:01 GMT
            Red Hat Security Advisory 2024-1960-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.
          • Red Hat Security Advisory 2024-1959-03 Tue, 23 Apr 2024 14:59:49 GMT
            Red Hat Security Advisory 2024-1959-03 - An update for shim is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
          • Red Hat Security Advisory 2024-1948-03 Tue, 23 Apr 2024 14:59:37 GMT
            Red Hat Security Advisory 2024-1948-03 - An update for Red Hat Build of Apache Camel 3.18 for Quarkus 2.13 is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product Security has rated this update as having a security impact of Important. Issues addressed include denial of service and server-side request forgery vulnerabilities.
          • Red Hat Security Advisory 2024-1946-03 Tue, 23 Apr 2024 14:59:25 GMT
            Red Hat Security Advisory 2024-1946-03 - Red Hat OpenShift Service Mesh Containers for 2.5.1. Issues addressed include a password leak vulnerability.
          • Red Hat Security Advisory 2024-1941-03 Tue, 23 Apr 2024 14:59:08 GMT
            Red Hat Security Advisory 2024-1941-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a denial of service vulnerability.
          • Red Hat Security Advisory 2024-1940-03 Tue, 23 Apr 2024 14:58:59 GMT
            Red Hat Security Advisory 2024-1940-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
          • Red Hat Security Advisory 2024-1939-03 Tue, 23 Apr 2024 14:58:50 GMT
            Red Hat Security Advisory 2024-1939-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
          • Red Hat Security Advisory 2024-1938-03 Tue, 23 Apr 2024 14:58:41 GMT
            Red Hat Security Advisory 2024-1938-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a denial of service vulnerability.
          • Red Hat Security Advisory 2024-1937-03 Tue, 23 Apr 2024 14:58:32 GMT
            Red Hat Security Advisory 2024-1937-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.
          • Red Hat Security Advisory 2024-1936-03 Tue, 23 Apr 2024 14:58:23 GMT
            Red Hat Security Advisory 2024-1936-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.
          • Red Hat Security Advisory 2024-1935-03 Tue, 23 Apr 2024 14:58:13 GMT
            Red Hat Security Advisory 2024-1935-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 7. Issues addressed include a denial of service vulnerability.