info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
List of recent vulnerabilities
11 views
Skip to first unread message
rek2 hispagatos
Oct 12, 2023, 11:51:47 AM10/12/23
to
Microsoft Edge, Teams, and Skype Vulnerabilities:
Microsoft released urgent patches for vulnerabilities
in Edge, Teams, and Skype1.
JetBrains TeamCity RCE Vulnerability:
A critical vulnerability identified as
CVE-2023-42793 was found in JetBrains' TeamCity
server, allowing for Remote Code Execution (RCE)
without user input due to an authentication bypass
flaw2.
Arm Mali GPU Vulnerabilities:
Vulnerabilities identified in the Arm Mali GPU
drivers, notably CVE-2023-4211, were actively
exploited. Patches were issued for Bifrost,
Valhall, and Arm 5th Gen GPU architectures,
though a fix for Midgard GPU kernel driver may
not be available2.
Exim Mail Server Vulnerabilities:
Multiple zero-day vulnerabilities identified in
Exim's SMTP service, including an RCE
vulnerability (CVE-2023-42115) caused by
insufficient validation of user-supplied data,
resulting in a buffer overflow2.
Android October 2023 Update Vulnerabilities:
The Android October 2023 security update
addressed 54 vulnerabilities, including a buffer
overflow vulnerability (CVE-2023-4863) in the
libwebp library, and an actively exploited
vulnerability (CVE-2023-4211) in the Arm Mali
GPU drivers on Android devices2.
Curl and libcurl Vulnerabilities:
Two vulnerabilities, CVE-2023-38545 (a SOCKS5
heap buffer overflow vulnerability) and
CVE-2023-38546 (a cookie injection flaw), were
identified and fixed in Curl v8.4.03.
free5gc Web API Vulnerability:
A vulnerability in the /api/ component of
free5gc, identified as CVE-2023-5329, leads to
improper authentication4.
F5 Vulnerabilities:
On October 10, 2023, F5 announced several
security issues5.
PS: I format this better next time, creating a template now.
Happy Hacking
ReK2
--
- {gemini,https}://{,rek2.}hispagatos.org - mastodon: @re...@hispagatos.space
- [https|gemini]://2600.Madrid - https://hispagatos.space/@rek2
- https://keyoxide.org/A31C7CE19D9C58084EA42BA26C0B0D11E9303EC5
Microsoft released urgent patches for vulnerabilities
in Edge, Teams, and Skype1.
JetBrains TeamCity RCE Vulnerability:
A critical vulnerability identified as
CVE-2023-42793 was found in JetBrains' TeamCity
server, allowing for Remote Code Execution (RCE)
without user input due to an authentication bypass
flaw2.
Arm Mali GPU Vulnerabilities:
Vulnerabilities identified in the Arm Mali GPU
drivers, notably CVE-2023-4211, were actively
exploited. Patches were issued for Bifrost,
Valhall, and Arm 5th Gen GPU architectures,
though a fix for Midgard GPU kernel driver may
not be available2.
Exim Mail Server Vulnerabilities:
Multiple zero-day vulnerabilities identified in
Exim's SMTP service, including an RCE
vulnerability (CVE-2023-42115) caused by
insufficient validation of user-supplied data,
resulting in a buffer overflow2.
Android October 2023 Update Vulnerabilities:
The Android October 2023 security update
addressed 54 vulnerabilities, including a buffer
overflow vulnerability (CVE-2023-4863) in the
libwebp library, and an actively exploited
vulnerability (CVE-2023-4211) in the Arm Mali
GPU drivers on Android devices2.
Curl and libcurl Vulnerabilities:
Two vulnerabilities, CVE-2023-38545 (a SOCKS5
heap buffer overflow vulnerability) and
CVE-2023-38546 (a cookie injection flaw), were
identified and fixed in Curl v8.4.03.
free5gc Web API Vulnerability:
A vulnerability in the /api/ component of
free5gc, identified as CVE-2023-5329, leads to
improper authentication4.
F5 Vulnerabilities:
On October 10, 2023, F5 announced several
security issues5.
PS: I format this better next time, creating a template now.
Happy Hacking
ReK2
--
- {gemini,https}://{,rek2.}hispagatos.org - mastodon: @re...@hispagatos.space
- [https|gemini]://2600.Madrid - https://hispagatos.space/@rek2
- https://keyoxide.org/A31C7CE19D9C58084EA42BA26C0B0D11E9303EC5
0 new messages