New scheme ready for Cyber Incident Exercising providers
A new Cyber Incident Exercising scheme is now open for organisations to apply to be Assured Providers, with IASME and CREST as our delivery partners. NCSC
RoyalTSX 6.0.1 RTSZ File Handling Heap Memory Corruption
RoyalTSX version 6.0.1 suffers from an RTSZ file handling heap memory corruption vulnerability. The application receives SIGABRT after the RAPortCheck.createNWConnection() function is handling the SecureGatewayHost
OPNsense 23.1.11_1 / 23.7.3 / 23.7.4 Cross Site Scripting / Privilege Escalation
OPNsense versions 23.1.11_1, 23.7.3, and 23.7.4 suffer from cross site scripting vulnerabilities that can allow for privilege escalation. Exploit Files ≈ Packet Storm
Debian Security Advisory 5504-1
Debian Linux Security Advisory 5504-1 – Several vulnerabilities were discovered in BIND, a DNS server implementation. Vulnerability Files ≈ Packet Storm
Apple Security Advisory 2023-09-21-6
Apple Security Advisory 2023-09-21-6 – macOS Ventura 13.6 addresses bypass vulnerabilities. Vulnerability Files ≈ Packet Storm
Apple Security Advisory 2023-09-21-5
Apple Security Advisory 2023-09-21-5 – watchOS 9.6.3 addresses bypass vulnerabilities. Vulnerability Files ≈ Packet Storm
Apple Security Advisory 2023-09-21-4
Apple Security Advisory 2023-09-21-4 – watchOS 10.0.1 addresses bypass vulnerabilities. Vulnerability Files ≈ Packet Storm
LogoBee CMS 0.2 Cross Site Scripting
LogoBee CMS version 0.2 suffers from a cross site scripting vulnerability. Exploit Files ≈ Packet Storm
Lamano LMS 0.1 Insecure Settings
Lamano LMS version 0.1 suffers from an ignored default credential vulnerability. Exploit Files ≈ Packet Storm
Apple Security Advisory 2023-09-21-3
Apple Security Advisory 2023-09-21-3 – iOS 16.7 and iPadOS 16.7 addresses bypass vulnerabilities. Vulnerability Files ≈ Packet Storm