[![](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=)]() While the use of Infrastructure as Code (IaC) has gained significant popular ...
Continue ReadingJune 19, 2023
[![Sophisticated Cyber Espionage](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=)]() Governmental entities in the Middle East and Af ...
Continue ReadingJune 19, 2023
The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API. Security Fix(es): * c-ares: 0-byte UDP payload Denial of Service (CVE-2023-32067) For more ...
Continue ReadingJune 19, 2023
### Context Content Security Policies (CSP) are a defense-in-depth strategy against XSS attacks. Improper application of CSP isn't itself a vulnerability, but it does fail to prevent XSS in the event ...
Continue ReadingJune 16, 2023
### Context Content Security Policies (CSP) are a defense-in-depth strategy against XSS attacks. Improper application of CSP isn't itself a vulnerability, but it does fail to prevent XSS in the event ...
Continue ReadingJune 16, 2023
### Impact When the [Gateway API](https://docs.cilium.io/en/v1.13/network/servicemesh/gateway-api/gateway-api/) is enabled in Cilium, the absence of a check on the namespace in which a [ReferenceGrant ...
Continue ReadingJune 16, 2023
[![Linux Backdoor](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=)]() The threat actor known as **ChamelGang** has been observed usi ...
Continue ReadingJune 16, 2023
When creating a playbook run via the /dialog API, Mattermost fails to validate all parameters, allowing an authenticated attacker to edit an arbitrary channel post.Read More ...
Continue ReadingJune 16, 2023
Back to Main