Aggregator

CVE-2024-3219 | Python Software CPython up to 3.13.0b4 Socket Module socket.socketpair race condition (ID 122133 / Nessus ID 212649)

Vuldb Updates
9 months 1 week ago
A vulnerability, which was classified as problematic, has been found in Python Software CPython up to 3.13.0b4. Affected by this issue is the function socket.socketpair of the component Socket Module. The manipulation leads to race condition. This vulnerability is handled as CVE-2024-3219. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-5574 | X.org X11 Server up to 21.1.8/23.2.1 Screen Cleanup memory leak (Nessus ID 212648)

Vuldb Updates
9 months 1 week ago
A vulnerability, which was classified as problematic, has been found in X.org X11 Server up to 21.1.8/23.2.1. Affected by this issue is some unknown functionality of the component Screen Cleanup. The manipulation leads to memory leak. This vulnerability is handled as CVE-2023-5574. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-4232 | oFono SMS Decoder stack-based overflow (ZDI-23-1860 / Nessus ID 212663)

Vuldb Updates
9 months 1 week ago
A vulnerability was found in oFono. It has been rated as critical. This issue affects some unknown processing of the component SMS Decoder. The manipulation leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2023-4232. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-11858 | radare2 up to 5.9.8 on 64-bit Pebble Application File command injection (Nessus ID 212665)

Vuldb Updates
9 months 1 week ago
A vulnerability was found in radare2 up to 5.9.8 on 64-bit and classified as critical. This issue affects some unknown processing of the component Pebble Application File Handler. The manipulation leads to command injection. The identification of this vulnerability is CVE-2024-11858. The attack can only be done within the local network. There is no exploit available.
vuldb.com

Google Gemini 2.0 Introduced With Advanced AI for Developers

DataBreachToday.com
9 months 1 week ago
Multimodal Agentic AI Delivers Speed, Tools and Research Prototypes
Google's latest AI model can natively process and output text, images and audio in the search giant's push toward more autonomous reasoning, planning and action. The company said Gemini 2.0 is designed for applications ranging from development and gaming to research and everyday assistance.

Russia’s Secret Blizzard APT targets Ukraine with Kazuar backdoor

Security Affairs
9 months 1 week ago
Russia-linked APT group Secret Blizzard is using Amadey Malware-as-a-Service to infect systems in Ukraine with the Kazuar backdoor. The Russia-linked APT group Secret Blizzard (aka Turla, Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) was spotted using the Amadey malware to deploy the KazuarV2 backdoor on devices in Ukraine. The experts observed threat actors using the Amadey bot malware between March and April 2024. Microsoft highlights […]
Pierluigi Paganini

Managed ad