lighttpd – security update
An invalid HTTP request (websocket handshake) may cause a `NULL` pointer dereference in the wstunnel module. For Debian 10 buster, this problem has been fixed in version 1.4.53-4+deb10u3. We recommend ...
Continue Reading
October 03, 2022
[SECURITY] [DLA 3133-1] lighttpd security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3133-1 [email protected] https://www.debian.org/lts/security/ ...
Continue Reading
October 03, 2022
CVE-2022-41082
Microsoft Exchange Server Remote Code Execution Vulnerability.Read More ...
Continue Reading
October 02, 2022
CVE-2022-41040
Microsoft Exchange Server Elevation of Privilege Vulnerability.Read More ...
Continue Reading
October 02, 2022
[SECURITY] Fedora 36 Update: knot-resolver-5.5.3-1.fc36
The Knot Resolver is a DNSSEC-enabled caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core t ...
Continue Reading
October 01, 2022
[SECURITY] Fedora 35 Update: knot-resolver-5.5.3-1.fc35
The Knot Resolver is a DNSSEC-enabled caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core t ...
Continue Reading
October 01, 2022
Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products
## Summary A vulnerability in Apache Tomcat affects the product's management GUI. The Command Line Interface is unaffected. ## Vulnerability Details **CVEID: **[CVE-2022-25762]() **DESCRIPTION: **Apac ...
Continue Reading
September 30, 2022
Atlassian Bitbucket Server and Data Center Command Injection Vulnerability
Multiple API endpoints of Atlassian Bitbucket Server and Data Center contain a command injection vulnerability where an attacker with access to a public Bitbucket repository, or with read permissions ...
Continue Reading
September 30, 2022
Denial Of Service (DOS)
Consul is vulnerable to authorization denial of service. Due to incorrectly validating JWT characters, an attacker can continually request TLS certificates and ACL tokens. This unnecessary information ...
Continue Reading
September 29, 2022
Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.5
## Abstract Cross reference list for security vulnernabilities fixed in IBM WebSphere Appplication Server Fix Pack 8.5.5 ## Content **VULNERABILITY DETAILS: ** **CVE ID: ****_CVE-2013-0482 (PM76582)_* ...
Continue Reading
September 29, 2022
