Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Flashpoint Uncovers 100,000+ Hidden Vulnerabilities, Including Zero-Days

By Deeba Ahmed 100,000+ Reasons to Rethink Vulnerability Management. This is a post from HackRead.com Read the original post: Flashpoint Uncovers 100,000+ Hidden Vulnerabilities, Including Zero-Days

HackRead
Open in Source
#vulnerability#apple#google#microsoft#intel#zero_day
Governments May Spy on You by Requesting Push Notifications from Apple and Google

Unspecified governments have demanded mobile push notification records from Apple and Google users to pursue people of interest, according to U.S. Senator Ron Wyden. "Push notifications are alerts sent by phone apps to users' smartphones," Wyden said. "These alerts pass through a digital post office run by the phone operating system provider -- overwhelmingly Apple or Google. Because of

CVE-2023-36880: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

**According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L)? What does that mean for this vulnerability?** Exploitation of this vulnerability only discloses limited information, no sensitive information can be obtained.

CVE-2023-38174: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.

CVE-2023-35618: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** This vulnerability could lead to a browser sandbox escape.

Kali Linux 2023.4 is Out: Cloud ARM64, Hyper-V, Pi 5, & More!

By Waqas Kali Linux Unveils Feature Rich 2023.4 Release with Cloud ARM64, Vagrant Hyper-V, Raspberry Pi 5, and More! This is a post from HackRead.com Read the original post: Kali Linux 2023.4 is Out: Cloud ARM64, Hyper-V, Pi 5, & More!

Remote code execution vulnerabilities found in Buildroot, Foxit PDF Reader

Cisco Talos has disclosed 10 vulnerabilities over the past two weeks, including nine that exist in a popular online PDF reader that offers a browser plugin.

Ubuntu Security Notice USN-6534-1

Ubuntu Security Notice 6534-1 - It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service or possibly expose sensitive information.

Windows 10 gets its own extended security updates program

Microsoft announced it will offer a similar extended security updates program for Windows 10 as it did for Windows 7

Cryptocurrency losses reach $1.75 Billion in 2023; CeFi and Hacks Blamed

By Waqas November 2023 has emerged as the most devastating year for crypto users and the most lucrative for cybercriminals and malicious hackers, as the majority of crypto hacks occurred during that month. This is a post from HackRead.com Read the original post: Cryptocurrency losses reach $1.75 Billion in 2023; CeFi and Hacks Blamed