Aggregator

A vulnerability classified as problematic was found in Mozilla Firefox up to 124 on 32-bit. Affected by this vulnerability is an unknown functionality of the component OpenType Font Parser. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2024-3859. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Mozilla Firefox up to 124. This affects an unknown part of the component AlignedBuffer. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2024-3861. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 124. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Garbage Collection Handler. The manipulation leads to use after free. This vulnerability is known as CVE-2024-3856. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 124. It has been rated as problematic. Affected by this issue is some unknown functionality of the component JIT Handler. The manipulation leads to denial of service. This vulnerability is handled as CVE-2024-3858. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 124 and classified as critical. This issue affects some unknown processing of the component Garbage Collection Handler. The manipulation leads to use after free. The identification of this vulnerability is CVE-2024-3853. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 124. It has been classified as problematic. Affected is an unknown function of the component JIT Handler. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2024-3854. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Name: Moscow CTF School 2025 (an Moscow CTF School event.)
Date: April 5, 2025, 10 a.m. — 05 April 2025, 18:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: http://ctf.cs.msu.ru/
Rating weight: 0.00
Event organizers: Bushwhackers

Name: Auvergn'Hack (an Auvergn'hack event.)
Date: April 5, 2025, 12:45 p.m. — 05 April 2025, 19:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://ctf.zitf.fr/
Rating weight: 0
Event organizers: ZiTF

Why is Smart Machine Identity Management Crucial? What comes to your mind when you think about cybersecurity? Most often, we conceptualize cybersecurity as a measure to protect user data, financial information, and other forms of human-associated identities. While these are certainly significant, there is an underlying and often underestimated area of cybersecurity – the management […]

The post Smart Strategies for Managing Machine Identities appeared first on Entro.

The post Smart Strategies for Managing Machine Identities appeared first on Security Boulevard.

Why the Buzz about Impenetrable NHIs? You might have heard quite the buzz around impenetrable Non-Human Identities (NHIs). It’s the cornerstone of next-generation cybersecurity. So, is this truly the game-changing approach toward secure defenses we have been looking for? Mastering the Art of Securing Non-Human Identities Seamlessly managing Non-Human Identities is akin to playing a […]

The post Crafting Impenetrable Defenses for Your NHIs appeared first on Entro.

The post Crafting Impenetrable Defenses for Your NHIs appeared first on Security Boulevard.

Are You Ready to Embrace the Future of Secrets Vaulting? I often get asked: “What does the future hold for secrets vaulting?” It’s a valid question. With organizations continuously transitioning to the cloud and the prevalence of digital identities growing, secrets management is becoming the cornerstone of any robust cybersecurity strategy. But why should we […]

The post Optimistic About the Future of Secrets Vaulting? appeared first on Entro.

The post Optimistic About the Future of Secrets Vaulting? appeared first on Security Boulevard.

A vulnerability has been found in Apple tvOS up to 12.3 and classified as critical. This vulnerability affects unknown code of the component WebKit. The manipulation leads to memory corruption. This vulnerability was named CVE-2019-8689. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in LiteSpeed Technologies LiteSpeed Cache Plugin up to 5.7 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2023-40000. The attack can be launched remotely. There is no exploit available.

A vulnerability has been found in Keycloak and classified as problematic. This vulnerability affects unknown code of the component URL Handler. The manipulation leads to open redirect. This vulnerability was named CVE-2024-1132. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in Mozilla Firefox up to 124. This vulnerability affects unknown code of the component JIT Handler. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2024-3855. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 124. It has been declared as critical. This vulnerability affects unknown code of the component MarkStack Handler. The manipulation leads to uninitialized pointer. This vulnerability was named CVE-2024-3862. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Keycloak. It has been classified as problematic. Affected is an unknown function of the component SAML Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2023-6717. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in EleForms Plugin up to 2.9.9.7 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-2082. It is possible to launch the attack remotely. There is no exploit available.