Please turn on your JavaScript for this page to function normally.
Curl
Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545)

Curl v8.4.0 is out, and fixes – among other things – a high-severity SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545). Appropriate patches for some older …

Linux
GNOME users at risk of RCE attack (CVE-2023-43641)

If you’re running GNOME on you Linux system(s), you are probably open to remote code execution attacks via a booby-trapped file, thanks to a memory corruption …

Linux
“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911)

A vulnerability (CVE-2023-4911) in the GNU C Library (aka “glibc”) can be exploited by attackers to gain root privileges on many popular Linux distributions, …

danger
Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)

UPDATE (September 28, 2023, 03:15 a.m. ET): The CVE-2023-5129 ID has been either rejected or withdrawn by the CVE Numbering Authority (Google), since it’s a duplicate of …

Ubuntu
Ubuntu Core now compatible with the Arm SystemReady IR systems specification

Canonical announced its Ubuntu Core OS is now compatible with the Arm SystemReady IR system specification, enabling security best practices across connected devices. In …

Ubuntu
Real-time Ubuntu released, offers end-to-end security and reliability

Canonical released real-time Ubuntu 22.04 LTS, providing a deterministic response to an external event, aiming to minimise the response time guarantee within a specified …

Ubuntu
Ubuntu Pro: Comprehensive subscription for open-source software security

Ubuntu Pro, Canonical’s comprehensive subscription for secure open source and compliance, is now generally available. Ubuntu Pro helps teams get timely CVE patches, harden …

git
Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251)

A source code audit has revealed two critical vulnerabilities affecting git, the popular distributed version control system for collaborative software development. The latest …

Linux
Nimbuspwn bugs allow attackers to gain root privileges on some Linux machines (CVE-2022-29799, CVE-2022-29800)

Microsoft has unearthed two security vulnerabilities (CVE-2022-29799, CVE-2022-29800) in the networkd-dispatcher daemon that may be exploited by attackers to gain root on many …

security platform
Ubuntu 22.04 LTS released, delivers enterprise-grade security

Canonical Ubuntu 22.04 LTS is now generally available, featuring significant leaps forward in cloud confidential computing, real-time kernel for industrial applications, and …

Samba
Samba bug may allow code execution as root on Linux machines, NAS devices (CVE-2021-44142)

A critical vulnerability (CVE-2021-44142) in Samba, a widely used open source implementation of the Server Message Block (SMB) networking protocol, could allow attackers to …

linux tux
PolKit vulnerability can give attackers root on many Linux distros (CVE-2021-4034)

A memory corruption vulnerability (CVE-2021-4034) in PolKit, a component used in major Linux distributions and some Unix-like operating systems, can be easily exploited by …

Don't miss

Cybersecurity news