Hot Topics

CVE

Ubuntu Fixed High-Severity QEMU Vulnerabilities

| | CVE, Linux & Open Source News, linux live patching, linux systems, QEMU, QEMU Hypervisors, QEMU in Virtualization, QEMU security, QEMU vulnerabilities, qemucare, security patches, security vulnerabilites, Ubuntu, Ubuntu Security Fixes, Ubuntu Security Updates
QEMU is a widely used open-source emulator for running multiple operating systems within a virtual machine. However, recent discoveries by the Ubuntu security team have shed light on issues within QEMU, addressing ...
TuxCare

Debian and Ubuntu Fixed OpenSSH Vulnerabilities

| | CVE, Debian, KernelCare Enterprise, Linux & Open Source News, linux live patching, live patching, openssh, OpenSSH security, OpenSSH Vulnerabilities, security patches, security vulnerabilites, Ubuntu Security Fixes, Ubuntu Security Updates
Debian and Ubuntu have released security updates for their respective OS versions, addressing five flaws discovered in the openssh package. In this article, we will delve into the intricacies of these vulnerabilities, ...
TuxCare

Security Vulnerabilities Addressed in Firefox 121

| | CVE, Firefox, Firefox 121, Firefox Security, Firefox Security Updates, Firefox vulnerabilities, High-Severity Vulnerability, Linux & Open Source News, Mozilla, open source, security patches, security updates, security vulnerabilites
In its latest stride towards user security, Mozilla has rolled out Firefox 121, bringing along a slew of crucial updates to address 18 vulnerabilities, five of which carry a ‘high‘ severity rating ...
TuxCare
HTTP/2 Rapid Reset Mitigation With Imperva WAF

HTTP/2 Rapid Reset Mitigation With Imperva WAF

| | Application Security, cloud WAF, CVE, ddos, DDoS attack, DDoS Protection, layer 7 attack, waf
In the modern application landscape, where businesses are constantly under the threat of cyber attacks, one of the most recent to emerge is HTTP/2 Rapid Reset (CVE-2023-44487), a type of Distributed Denial-of-Service ...
Blog

Ubuntu Security Updates Fixed Vim Vulnerabilities

| | CVE, Extended Lifecycle Support, Linux & Open Source News, security patches, security vulnerabilites, Ubuntu 18.04 End of Life, Ubuntu 20.04, Ubuntu 22.04, Ubuntu Security Fixes, Ubuntu Security Updates, Ubuntu16.04 ELS, Vim, Vim vulnerabilities
Vim, a powerful and widely used text editor, has recently come under scrutiny due to several vulnerabilities that could potentially compromise system security. In this article, we will delve into the intricacies ...
TuxCare

CVE-2023-50164: A Critical Vulnerability in Apache Struts

| | Apache Struts, application vulnerability, CVE, Imperva Threat Research, Path Traversal Attacks, Threat Research, vulnerability
On December 7, 2023, Apache released a security advisory regarding CVE-2023-50164, a critical vulnerability in Apache Struts with CVSS score 9.8. Versions from 2.5.0 to 2.5.32 and 6.0.0 to 6.3.0 were affected.  ...
Blog
CVE-2023-22524: RCE Vulnerability in Atlassian Companion for macOS

CVE-2023-22524: RCE Vulnerability in Atlassian Companion for macOS

| | application vulnerability, atlassian, CVE, Imperva Threat Research, RCE vulnerability, Threat Research, vulnerability
TL;DR This blog unveils a remote code execution vulnerability, identified as CVE-2023-22524, in Atlassian Companion for macOS, which has recently been patched. This critical vulnerability stemmed from an ability to bypass both ...
Blog

New Ubuntu Security Fixes for Linux Kernel Vulnerabilities

| | CVE, Linux & Open Source News, Linux kernel, linux kernel patching, Linux Kernel Security Patches, linux kernel vulnerabilities, linux live patching, Ubuntu Security Fixes, Ubuntu Security Updates
Ubuntu has recently released security fixes for Ubuntu 22.04 LTS and Ubuntu 23.04, addressing several vulnerabilities found in the Linux kernel. Exploiting these vulnerabilities could lead to a denial of service (system ...
TuxCare
Discovering MLflow Framework Zero-day Vulnerability | Machine Language Model Security | Contrast Security

Discovering MLflow Framework Zero-day Vulnerability | Machine Language Model Security | Contrast Security

| | APIs, CVE, machine learning, MLflow
Most Machine Language (ML) tools — including the development frameworks used for managing ML life cycles — are relatively new, which means they could well  have security vulnerabilities.  ...
AppSec Observer

Several Cobbler Vulnerabilities Fixed in Ubuntu 16.04

| | Cobbler, Cobbler Vulnerabilities, CVE, Extended Lifecycle Support, Linux & Open Source News, linux live patching, linux systems, security patches, security vulnerabilites, Ubuntu, Ubuntu Security Updates, Ubuntu16.04 ELS
A series of Cobbler vulnerabilities have been addressed in Ubuntu 16.04 ESM in the recent security updates. Ubuntu 16.04 ESM (Expanded Security Maintenance) is the extended version of end-of-life Ubuntu 16.04 LTS ...
TuxCare
Load more