article thumbnail

A flaw in libcue library impacts GNOME Linux systems

Security Affairs

A vulnerability in the libcue library impacting GNOME Linux systems can be exploited to achieve remote code execution (RCE) on affected hosts. A threat actor can trigger a vulnerability, tracked as CVE-2023-43641 (CVSS score: 8.8), in the libcue library impacting GNOME Linux systems to achieve remote code execution (RCE) on affected hosts.

Libraries 309
article thumbnail

Closure JavaScript Library introduced XSS issue in Google Search and potentially other services

Security Affairs

A change made months ago in an open-source JavaScript library introduced a cross-site scripting (XSS) vulnerability in Google Search. The Japanese security researcher Masato Kinugawa discovered an XSS vulnerability in Google Search that was introduced with a change made months ago in an open-source JavaScript library.

Libraries 276
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Internet Archive data breach impacted 31M users

Security Affairs

.” The Internet Archive is an American nonprofit digital library website that provides free access to collections of digitized materials including websites, software applications, music, audiovisual, and print materials. million print materials, 13 million videos, 1.2

Archiving 299
article thumbnail

Popular open-source PJSIP library is affected by critical flaws

Security Affairs

Researchers from JFrog’s Security Research team discovered five vulnerabilities in the PJSIP open-source multimedia communication library. Researchers from JFrog’s Security Research team discovered five vulnerabilities in the popular PJSIP open-source multimedia communication library. on February 24, 2022.

Libraries 246
article thumbnail

3CX voice and video conferencing software victim of a supply chain attack

Security Affairs

Popular voice and video conferencing software 3CX was the victim of a supply chain attack, SentinelOne researchers reported. As of Mar 22, 2023, SentinelOne observed a spike in behavioral detections of the 3CXDesktopApp, which is a popular voice and video conferencing software product. ” explained 3CX’s CEO Nick Galea.

article thumbnail

Vulnerabilities in Microsoft apps for macOS allow stealing permissions

Security Affairs

These flaws could allow attackers to inject malicious libraries into Microsoft’s apps and steal permissions. ” Cisco Talos identified vulnerabilities in Microsoft macOS applications that could let attackers send emails, record audio, take pictures, or record videos without user knowledge. ” continues the report.

Libraries 324
article thumbnail

Microsoft March 2022 Patch Tuesday updates fix 89 vulnerabilities

Security Affairs

Below is the complete list of vulnerabilities addressed by Microsoft: Tag CVE ID CVE Title Severity.NET and Visual Studio CVE-2022-24512.NET NET and Visual Studio Remote Code Execution Vulnerability Important.NET and Visual Studio CVE-2022-24464.NET

Libraries 291