Cisco Patches Vulnerability Exploited in Large-Scale Brute-Force Campaign SecurityWeek Article Source https://www.securityweek.com/cisco-patches-vulnerability-exploited-in-large-scale-brute-force-campaign/
The vulnerability is a heap overflow in the implementation of the DCERPC (distributed computing environment / remote procedure call) protocol in vCenter Server. An attacker with network access to vCenter server can trigger them by sending a… Source link
A critical SQL injection flaw within the VMware HCX platform got an urgent fix. The vulnerability allows unauthorized low-privilege users to execute remote code on the HCX manager. Versions 4.8.x through 4.10.x of the HCX platform are… Source link
Cisco Patches High-Severity Vulnerabilities in Analog Telephone Adapters SecurityWeek Article Source https://www.securityweek.com/cisco-patches-high-severity-vulnerabilities-in-analog-telephone-adapters/
Oracle Patches Over 200 Vulnerabilities With October 2024 CPU SecurityWeek Article Source https://www.securityweek.com/oracle-patches-over-200-vulnerabilities-with-october-2024-cpu/
Building off the existing Linux support for GPU Direct RDMA / Peer-To-Peer DMA functionality, a set of patches were posted by NVIDIA today enabling this P2P DMA support to also work for device-private pages. There’s been a lot of Linux work… Article Source https://www.phoronix.com/news/Linux-GPU-P2P-DMA-Device-Priv
Aruba access points running AOS-8 and AOS-10 need to be patched urgently after HPE emitted fixes for three critical flaws in its networking subsidiary’s networking access points. The issues would allow an unauthenticated attacker to run code on… Article Source https://www.theregister.com/2024/09/26/hpe_aruba_patch_papi/
HPE has revealed Aruba Access Points (APs), the company’s high-performance Wi-Fi devices, could have been vulnerable to a threat granting threat actors the ability to execute malicious code remotely. The company confirmed the news in a security… Article Source https://www.techradar.com/pro/security/hpe-aruba-patches-critical-security-flaws-across-several-access-points
Intel’s Linux team is working on performance monitoring capabilities for the next-generation Arrow Lake and Lunar Lake CPUs. The team has integrated model-specific parts for these CPUs into the Linux 6.11 kernel. The new performance monitoring unit for these CPUs is similar to the previous generation Meteor Lake with some key differences, such as additional … Read more
Citrix urged clients to update to the latest versions of NetScaler ADC and NetScaler Gateway due to an attack targeting a critical vulnerability. The company released patches to address the issue, known as CVE-2023-4966, on October 10. Citrix warned that exploiting the flaw could result in data disclosure. The vulnerability is most critical for customers … Read more