A new zero-day vulnerability in Barracuda Networks’ Email Security Gateway (ESG) has been disclosed. The vulnerability, identified as CVE-2023-7102, stems from the open-source third-party library, Spreadsheet::ParseExcel, used in ESG’s malware protection features. This issue...
In the complex domain of cybersecurity, the emergence of RetSpill marks a significant shift in the landscape of Linux kernel exploitation. This ingenious technique exploits the kernel’s design to escalate privileges, bypassing multiple layers...
In the ever-evolving landscape of cybersecurity, a new attack technique named “SMTP Smuggling” has emerged, posing a significant threat to the integrity of email communications. Discovered by Timo Longin, in collaboration with SEC Consult,...
In the realm of Linux and UNIX operating systems, the “sudo” command is a cornerstone of system administration, allowing users to execute commands with superuser privileges. However, the discovery of CVE-2023-7090 has cast a...
Deepin Linux has long been celebrated for its aesthetics and user-friendliness, especially among open-source enthusiasts. Developed by a Chinese team, it has earned a reputation for being one of the most visually appealing Linux...
Details have emerged about a now-patched security vulnerability in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. The vulnerability is tracked under the CVE identifier...
Apache Airflow, the backbone of countless workflow pipelines, has encountered unwelcome turbulence. Four security vulnerabilities, collectively known as CVE-2023-47265, CVE-2023-49920, CVE-2023-50783, and CVE-2023-48291, have landed in the Airflow ecosystem, putting your workflows and data...
As an HTML5 web application, Apache Guacamole deftly bridges the gap between users and remote desktop environments, employing protocols like VNC or RDP. Beyond its immediate functionality, Guacamole underpins a broader project, offering an...
A new threat has emerged, targeting the very core of Linux systems around the globe. This peril, identified as CVE-2023-6817, lurks within the NetFilter subsystem of the Linux kernel, a critical component that governs...
In the ever-evolving landscape of cybersecurity, a new threat has emerged, known as the Terrapin attack. This sophisticated cyber assault targets the SSH (Secure Shell) protocol, a widely used standard for secure network services...
In the ever-evolving landscape of cyber security, the discovery of vulnerabilities within widely-used software systems is not uncommon. The latest to join this list is Apache Doris, an MPP (Massively Parallel Processing) architecture-based analytical...
A critical security flaw has been discovered in 3CX’s VoIP software, prompting the company to urge customers to disable their CRM integrations immediately. While details remain under wraps, the potential for a data breach...