Aggregator

A vulnerability was found in Mozilla Firefox up to 111. It has been rated as critical. This issue affects some unknown processing of the component Garbage Collector. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2023-29535. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Mozilla Firefox up to 111. This affects an unknown part of the component Content-Disposition Header Handler. The manipulation leads to Remote Code Execution. This vulnerability is uniquely identified as CVE-2023-29539. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 102.9 and classified as critical. This issue affects some unknown processing of the component Content-Disposition Header Handler. The manipulation leads to Remote Code Execution. The identification of this vulnerability is CVE-2023-29539. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 102.11. It has been classified as critical. Affected is an unknown function of the component Certificate Error Handler. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is traded as CVE-2023-34414. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 113. It has been rated as problematic. This issue affects some unknown processing of the component Certificate Exception Handler. The manipulation leads to improper restriction of rendered ui layers. The identification of this vulnerability is CVE-2023-34414. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Mozilla Firefox up to 113. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption. This vulnerability is known as CVE-2023-34416. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 102.11 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2023-34416. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Mozilla Thunderbird up to 102.12. Affected by this issue is some unknown functionality of the component Diagcab File Handler. The manipulation leads to an unknown weakness. This vulnerability is handled as CVE-2023-37208. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Firefox up to 114. Affected is an unknown function of the component Diagcab File Handler. The manipulation leads to an unknown weakness. This vulnerability is traded as CVE-2023-37208. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox and classified as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2023-4056. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird and classified as critical. This issue affects some unknown processing. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2023-4056. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Red Hat OpenShift AI. It has been rated as critical. Affected by this issue is some unknown functionality of the component TrustyAI Explainability Toolkit. The manipulation leads to os command injection. This vulnerability is handled as CVE-2025-6193. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in SEMCMS 4.8. This issue affects some unknown processing of the file /web_inc.php. The manipulation of the argument languageID leads to sql injection. The identification of this vulnerability is CVE-2023-48864. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability was found in PublicCMS up to 4.0. It has been classified as problematic. Affected is an unknown function of the component Online Preview. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2023-51252. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Tenda AX1803 1.0.0.1. Affected by this issue is the function formSetIptv. The manipulation of the argument stbpvid leads to stack-based buffer overflow. This vulnerability is handled as CVE-2023-51952. The attack needs to be approached within the local network. There is no exploit available.

A new and alarming phishing campaign has surfaced, leveraging the credibility of a .gov domain to deceive employees into believing they owe unpaid tolls. Identified by the Cofense Phishing Defense Center (PDC), this campaign manipulates the GovDelivery system a legitimate communication tool used by several government agencies to lend an air of authenticity to its […]

The post TxTag Phishing Campaign Exploits .gov Domain to Deceive Employees appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Хакинг систем видеонаблюдения выходит из-под контроля.

Tonic Validate is a free, open-source library for evaluating RAG and LLM based applications. We recently announced a new listing on GitHub Marketplace that provides a GitHub Actions template to run Tonic Validate against code changes on every commit. Today, we’re following up with an additional listing that allows you to establish integration tests each time a branch is merged into your main branch.

The post Tonic Validate is now on GitHub Marketplace! (Part 2) appeared first on Security Boulevard.

We are proud to announce that we have successfully completed our HIPAA certification, marking a significant milestone in our commitment to data security and privacy. This achievement underscores our dedication to providing secure data environments for our clients, particularly those in the healthcare industry handling protected health information (PHI).

The post Tonic.ai Achieves HIPAA Compliance Certification, Ensuring Enhanced Security for Protected Health Information appeared first on Security Boulevard.

Tonic Validate, our free, open-source library for evaluating RAG and LLM-based applications, can be run entirely as a GitHub Action. And it's now available for quick deployment on GitHub Marketplace!

The post Tonic Validate is now available on GitHub Marketplace! appeared first on Security Boulevard.