RST Threat feed. IOC: appsync-api.eu-west-1.avsvmcloud.com

Found **appsync-api[.]eu-west-1.avsvmcloud.com** in [RST Threat...Read More ...

Continue Reading
Is 3rd Party App Access the New Executable File?

[![](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEi8lCxJ_L3Qa8em9C7Sl8lGPrFtiFd6H-aLwXGn5NptdVaxTRmUaNInmIYpjK28RludpEo_9DB2moUk9ypuDFqQEKiVavr32-ez_Cc1_JfH0s4sOuAfEAuM9O-MvBxfxQSCnT71pfj ...

Continue Reading
(RHSA-2022:4880) Moderate: ACS 3.70 enhancement and security update

New features and enhancements 1. Verifying image signatures against Cosign public keys: You can use RHACS to ensure the integrity of the container images in your clusters by verifying image signatures ...

Continue Reading
Privilege Escalation

chromium is vulnerable to privilege escalation. The vulnerability exists through the file system api componentRead More ...

Continue Reading
Improper Validation

chromium is vulnerable to improper validation. The vulnerability exists due to insufficient policy enforcement in File System API which allows an attacker to gain access to the system.Read More ...

Continue Reading
Path Traversal in XWiki Platform

### Impact One can ask for any file located in the classloader using the template API and a path with ".." in it. For example ``` {{template name="../xwiki.hbm.xml"/}} ``` To our knownledge none of t ...

Continue Reading
Weak private key generation in SSH.NET

During an **X25519** key exchange, the clientÂ’s private is generated with [**System.Random**](https://docs.microsoft.com/en-us/dotnet/api/system.random): ```cs var rnd = new Random(); _privateKey = n ...

Continue Reading
Security Updates for Microsoft PowerPoint Products C2R (March 2021)

The Microsoft PowerPoint Products are missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this ...

Continue Reading

Back to Main

Subscribe for the latest news: