Security
Headlines
HeadlinesLatestCVEs

Tag

#linux

Gentoo Linux Security Advisory 202407-02

Gentoo Linux Security Advisory 202407-2 - A vulnerability has been discovered in SDL_ttf, which can lead to arbitrary memory writes. Versions greater than or equal to 2.20.0 are affected.

Packet Storm
#vulnerability#web#mac#linux
Gentoo Linux Security Advisory 202407-04

Gentoo Linux Security Advisory 202407-4 - A vulnerability has been discovered in Pixman, which can lead to a heap buffer overflow. Versions greater than or equal to 0.42.2 are affected.

Gentoo Linux Security Advisory 202407-03

Gentoo Linux Security Advisory 202407-3 - A vulnerability has been discovered in Liferea, which can lead to remote code execution. Versions greater than or equal to 1.12.10 are affected.

Xhibiter NFT Marketplace 1.10.2 SQL Injection

Xhibiter NFT Marketplace version 1.10.2 suffers from a remote SQL injection vulnerability.

Gentoo Linux Security Advisory 202407-01

Gentoo Linux Security Advisory 202407-1 - A vulnerability has been discovered in Zsh, which can lead to execution of arbitrary code. Versions greater than or equal to 5.8.1 are affected.

Red Hat Security Advisory 2024-4200-03

Red Hat Security Advisory 2024-4200-03 - An update for libreswan is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Security Advisory 2024-4197-03

Red Hat Security Advisory 2024-4197-03 - An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a HTTP response splitting vulnerability.

Red Hat Security Advisory 2024-4179-03

Red Hat Security Advisory 2024-4179-03 - An update for pki-core is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a bypass vulnerability.

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems

OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. The vulnerability has been assigned the CVE identifier CVE-2024-6387. It resides in the OpenSSH server component, also known as sshd, which is designed to listen for connections from any of the client

Google to Block Entrust Certificates in Chrome Starting November 2024

Google has announced that it's going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority's inability to address security issues in a timely manner. "Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust