Original release date: January 20, 2023 Drupal has released security advisories to address vulnerabilities affecting multiple products. An attacker could exploit these vulnerabilities to access sensitive information. CISA encourages users and administrators to review Drupal’s security advisories SA-CORE-2023-001, SA-CONTRIB-2023-002, SA-CONTRIB-2023-003, and SA-CONTRIB-2023-004 and apply the…
Rilevata vulnerabilità di tipo “Path Traversal” nel firmware dei prodotti SonicWall SMA1000 che potrebbe permettere a un utente malintenzionato remoto l’accesso a informazioni sensibili presenti sui dispositivi target. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Original release date: January 18, 2023 Mozilla has released security updates to address vulnerabilities in Firefox ESR and Firefox. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla’s security advisories for…
Mozilla ha rilasciato aggiornamenti di sicurezza per sanare molteplici vulnerabilità, di cui 5 con gravità “alta”, nei prodotti Firefox e Firefox ESR. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
From time to time I stumble upon Tweets about counting the number of IPv6 addresses (1 2 3). While I think it is ok to do it that way when you’re new to IPv6 and you want to get an idea of it, it does…
Original release date: January 12, 2023 CISA released twelve Industrial Control Systems (ICS) advisories on January 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for…
Risolta vulnerabilità, con gravità “alta”, che riguarda il kernel Linux. Tale vulnerabilità, qualora sfruttata, potrebbe permettere l’elevazione dei privilegi utente tramite l’utilizzo di software opportunamente predisposto. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Original release date: January 12, 2023 Drupal has released a security update to address a vulnerability affecting private vocabulary modules for Drupal 8.x. An unauthorized user could exploit this vulnerability to bypass access permissions to create, modify, and delete private vocabulary terms. CISA encourages users…
