Security
Headlines
HeadlinesLatestCVEs

Tag

#linux

Red Hat Security Advisory 2023-7668-03

Red Hat Security Advisory 2023-7668-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Packet Storm
Open in Source
#vulnerability#web#linux#red_hat#dos#js
Red Hat Security Advisory 2023-7667-03

Red Hat Security Advisory 2023-7667-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-7666-03

Red Hat Security Advisory 2023-7666-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-7665-03

Red Hat Security Advisory 2023-7665-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Issues addressed include an information leakage vulnerability.

New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices

A critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS and iOS devices. Tracked as CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as the victim. "Multiple Bluetooth stacks have authentication bypass

CVE-2023-48825: PHPJabbers Availability Booking Calendar 5.0 HTML Injection ≈ Packet Storm

Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code.

CVE-2023-48208: PHPJabbers Availability Booking Calendar 5.0 Cross Site Scripting ≈ Packet Storm

A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an attacker to inject JavaScript via the name, plugin_sms_api_key, plugin_sms_country_code, uuid, title, or country name parameter to index.php.

New Stealthy 'Krasue' Linux Trojan Targeting Telecom Firms in Thailand

A previously unknown Linux remote access trojan called Krasue has been observed targeting telecom companies in Thailand by threat actors to main covert access to victim networks at lease since 2021. Named after a nocturnal female spirit of Southeast Asian folklore, the malware is "able to conceal its own presence during the initialization phase," Group-IB said in a report

CVE-2023-41913: Releases · strongswan/strongswan

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.

Kali Linux 2023.4 is Out: Cloud ARM64, Hyper-V, Pi 5, & More!

By Waqas Kali Linux Unveils Feature Rich 2023.4 Release with Cloud ARM64, Vagrant Hyper-V, Raspberry Pi 5, and More! This is a post from HackRead.com Read the original post: Kali Linux 2023.4 is Out: Cloud ARM64, Hyper-V, Pi 5, & More!