by EGI CSIRT | Oct 11, 2024 | Advisories, News
HIGH risk vulnerability has been found concerning the Java version of voms-proxy-init. During the proxy generation process it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then perform any action that...
by EGI CSIRT | Oct 7, 2024 | News
The 2024 edition of the EGI Conference was held in Lecce from 30 September to 4 October. The program addressed several key issues, including data management, integrating diverse technologies, like high-throughput computing, cloud and high-performance computing...
by EGI CSIRT | Sep 12, 2024 | News
SLUBStick is a kernel exploit technique that elevates a heap vulnerability to an arbitrary memory read/write primitive. It works in several steps: first, it exploits a timing side channel of the allocator to reliably perform a cross-cache attack on commonly used...
by EGI CSIRT | Sep 11, 2024 | Advisories, News
A critical vulnerability CVE-2024-41110 has been found in Docker Authorization that could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. See our SVG Advisory for further details.
by EGI CSIRT | Aug 26, 2024 | Advisories, News
There is a HIGH-risk vulnerability CVE-2024-5564 in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. Further information on this vulnerability can be found...
Recent Comments