Aggregator

A vulnerability, which was classified as problematic, has been found in Microsoft Windows. This issue affects some unknown processing of the component Cleanup Manager. The manipulation leads to link following. The identification of this vulnerability is CVE-2022-21838. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Microsoft Windows 10 1809/Server 2019. Affected is an unknown function of the component Event Tracing Discretionary Access Control List. The manipulation leads to denial of service. This vulnerability is traded as CVE-2022-21839. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

Frenos offers a zero-impact, continuous security assessment platform for operational technology environments.

Five months after reviving it in June, ​Microsoft has shut down the Windows 10 Beta Channel and will move all enrolled Windows Insiders to the Release Preview Channel. [...]

Five months after reviving it in June, ​Microsoft has shut down the Windows 10 Beta Channel and will move all enrolled Windows Insiders to the Release Preview Channel. [...]

The exploitation of the recently disclosed ‘won’t fix’ issue CVE-2024-10914 in legacy D-Link NAS devices began days after its disclosure.   Days after D-Link announced it wouldn’t patch a critical vulnerability, tracked as CVE-2024-10914 (CVSS score of 9.8), in legacy D-Link NAS devices, that threat actors started attempting to exploit. The vulnerability CVE-2024-10914 is a command […]

BluMed Health Has Allegedly Been Claimed a Victim to Kill Security Ransomware

Name: BlockCTF 2024 (Formerly SquareCTF) (an Block CTF event.)
Date: Nov. 13, 2024, 10 p.m. — 14 Nov. 2024, 22:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://2024.blockctf.com/
Rating weight: 52.43
Event organizers: Square

A Threat Actor is Allegedly Selling Shell Access of an Unidentified Magento Store in France

A financially motivated Chinese threat actor dubbed "SilkSpecter" is using thousands of fake online stores to steal the payment card details of online shoppers in the U.S. and Europe. [...]

One positive thing among many others at this version of the HTTP Worksh

A Threat Actor is Allegedly Selling the Source Code of Quad Miners' Network Blackbox

CISA warned today that two more critical security vulnerabilities in Palo Alto Networks' Expedition migration tool are now actively exploited in attacks. [...]

Read the official announcement on the PyPI blog as well!For the past year, we’v

Several versions of PostgreSQL are impacted, and customers will need to upgrade in order to patch.

Having visibility into endpoint act

A vulnerability, which was classified as problematic, has been found in Microsoft Edge. Affected by this issue is some unknown functionality. The manipulation leads to exposure of private personal information to an unauthorized actor. This vulnerability is handled as CVE-2024-49025. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.2 and classified as problematic. This issue affects the function ext4_ind_migrate. The manipulation leads to uncontrolled file descriptor consumption. The identification of this vulnerability is CVE-2024-50006. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.10.13/6.11.2. Affected is the function ext4_check_bdev_write_error. The manipulation leads to improper initialization. This vulnerability is traded as CVE-2024-50014. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.