The code in UEK6 U3 was missing an appropiate file descriptor count to be missing. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was sti ...

Continue Reading

June 14, 2022

[![Azure Vulnerability](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEguoPxH6UrsFGceLRt5gQGN-lvkRywJIQ2iWH3QV4JtbyMHdNHcIyd1aImzm-JEY-jJzCJ045NHjRM3UwW7ZlhwxMVc4ubPytx9TQOZpJvR18dHRQEiNV-6 ...

Continue Reading

June 14, 2022

This advisory contains the following OpenShift Virtualization 4.10.2 images: RHEL-8-CNV-4.10 =============== virt-artifacts-server-container-v4.10.2-1 kubevirt-template-validator-container-v4.10.2-1 v ...

Continue Reading

June 14, 2022

Hello everyone! In this short episode, I want to talk about the new feature in Vulners Linux API. Alternative video link (for Russia): Linux security bulletin publication dates are now included in sc ...

Continue Reading

June 13, 2022

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-off" POST request doesn’t check for port syntax. This can result in unauthorized ex ...

Continue Reading

June 13, 2022

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-on" POST request doesn’t check for port syntax. This can result in unauthorized exe ...

Continue Reading

June 13, 2022

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-refresh-request" POST request doesn’t check for port syntax. This can result in unauthorized execution ...

Continue Reading

June 13, 2022

The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's payload comes from valid provider, not from someone else. An ...

Continue Reading

June 13, 2022