backdoor in upstream xz/liblzma leading to ssh server compromise
CVE-2024-3094 Detail
Archlinux - The xz package has been backdoored
All servers have already been updated and tested. Everything is fine.
If you use Arch, test it as follows:
ldd /usr/sbin/sshd | grep -e libsystemd -e liblzma...
Two security defects were identified in TP-Link WR710N-V1-151022 and Archer-C5-V2-160201 SOHO (small office/home office) #routers, allowing attackers to execute code, crash devices, or guess login credentials.
Tracked as CVE-2022-4498, the first issue is described as a heap overflow caused by craf...
Samsung Galaxy Store Bug Could've Let Hackers Secretly Install Apps on Targeted Devices
A now-patched security flaw has been disclosed in the Galaxy Store app for #Samsung devices that could potentially trigger remote command execution on affected phones.
The vulnerability, which affects Galaxy S...
Retail giant Amazon patched a high-severity security issue in its Ring app for Android in May that could have enabled a rogue application installed on a user's device to access sensitive information and camera recordings.
The Ring app for Android has over 10 million downloads and enables users to...
CERT NZ is aware of a possible exploit that is affecting some #DrayTek #routers.
Attacks can be performed without user interaction if the management interface of the device has been configured to be internet facing. Exploitation of this #vulnerability can lead to a full compromise of the device an...