Terrapin SSH Connection Weakening
In this paper, the authors show that as new encryption algorithms and mitigations were added to SSH, the SSH Binary Packet Protocol is no longer a secure channel: SSH channel integrity (INT-PST) is...
View ArticleRed Hat Security Advisory 2023-7872-03
Red Hat Security Advisory 2023-7872-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free...
View ArticleRed Hat Security Advisory 2023-7873-03
Red Hat Security Advisory 2023-7873-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow...
View ArticleRed Hat Security Advisory 2023-7874-03
Red Hat Security Advisory 2023-7874-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux...
View ArticleRed Hat Security Advisory 2023-7875-03
Red Hat Security Advisory 2023-7875-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2...
View ArticleRed Hat Security Advisory 2023-7876-03
Red Hat Security Advisory 2023-7876-03 - An update for opensc is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.
View ArticleRed Hat Security Advisory 2023-7877-03
Red Hat Security Advisory 2023-7877-03 - An update for openssl is now available for Red Hat Enterprise Linux 8.
View ArticleRed Hat Security Advisory 2023-7879-03
Red Hat Security Advisory 2023-7879-03 - An update for opensc is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and out of bounds read vulnerabilities.
View ArticleApple Security Advisory 12-19-2023-1
Apple Security Advisory 12-19-2023-1 - macOS Sonoma 14.2.1 addresses a session tracking issue.
View ArticleMajorDoMo Remote Code Execution
MajorDoMo versions prior to 0662e5e suffer from an unauthenticated remote code execution vulnerability.
View ArticleTYPO3 11.5.24 Path Traversal
TYPO3 version 11.5.24 suffers from a path traversal vulnerability.
View ArticleUbuntu Security Notice USN-6560-1
Ubuntu Security Notice 6560-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept...
View ArticleGentoo Linux Security Advisory 202312-02
Gentoo Linux Security Advisory 202312-2 - A vulnerability has been found in Minecraft Server which leads to remote code execution. Versions greater than or equal to 1.18.1 are affected.
View ArticleMOKOSmart MKGW1 Gateway Improper Session Management
MOKOSmart MKGW1 Gateway devices with firmware version 1.1.1 or below do not provide an adequate session management for the administrative web interface. This allows adjacent attackers with access to...
View ArticleUbuntu Security Notice USN-6561-1
Ubuntu Security Notice 6561-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept...
View ArticleGentoo Linux Security Advisory 202312-03
Gentoo Linux Security Advisory 202312-3 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to...
View Article