Tag: code execution
-
The Register: Asus lets processor security fix slip out early, AMD confirms patch in progress
Source URL: https://www.theregister.com/2025/01/23/asus_amd_processor_fix/ Source: The Register Title: Asus lets processor security fix slip out early, AMD confirms patch in progress Feedly Summary: Answers on a postcard to what ‘Microcode Signature Verification Vulnerability’ might mean AMD has confirmed at least some of its microprocessors suffer a microcode-related security vulnerability, the existence of which accidentally emerged this…
-
The Register: Oracle emits 603 patches, names one it wants you to worry about soon
Source URL: https://www.theregister.com/2025/01/23/oracle_patch_linux/ Source: The Register Title: Oracle emits 603 patches, names one it wants you to worry about soon Feedly Summary: Old flaws that keep causing trouble haunt Big Red Oracle has delivered its regular quarterly collection of patches: 603 in total, 318 for its own products, and another 285 for Linux code it…
-
Alerts: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
Source URL: https://www.cisa.gov/news-events/alerts/2025/01/22/cisa-and-fbi-release-advisory-how-threat-actors-chained-vulnerabilities-ivanti-cloud-service Source: Alerts Title: CISA and FBI Release Advisory on How Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications Feedly Summary: CISA, in partnership with the Federal Bureau of Investigation (FBI), released Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications. This advisory was crafted in response to active exploitation of vulnerabilities—CVE-2024-8963,…
-
Simon Willison’s Weblog: llm-gemini 0.9
Source URL: https://simonwillison.net/2025/Jan/22/llm-gemini/ Source: Simon Willison’s Weblog Title: llm-gemini 0.9 Feedly Summary: llm-gemini 0.9 This new release of my llm-gemini plugin adds support for two new experimental models: learnlm-1.5-pro-experimental is “an experimental task-specific model that has been trained to align with learning science principles when following system instructions for teaching and learning use cases" –…
-
Unit 42: Threat Brief: CVE-2025-0282 and CVE-2025-0283
Source URL: https://unit42.paloaltonetworks.com/threat-brief-ivanti-cve-2025-0282-cve-2025-0283/ Source: Unit 42 Title: Threat Brief: CVE-2025-0282 and CVE-2025-0283 Feedly Summary: CVE-2025-0282 and CVE-2025-0283 affect multiple Ivanti products. This threat brief covers attack scope, including details from an incident response case. The post Threat Brief: CVE-2025-0282 and CVE-2025-0283 appeared first on Unit 42. AI Summary and Description: Yes **Summary:** The text details…
-
Hacker News: Researchers have identified a total of 6 vulnerabilities in rsync
Source URL: https://www.openwall.com/lists/oss-security/2025/01/14/3 Source: Hacker News Title: Researchers have identified a total of 6 vulnerabilities in rsync Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses multiple vulnerabilities identified in the rsync software, including a critical heap buffer overflow that allows arbitrary code execution with minimal access rights. This communication is especially…