Multiple Vulnerabilities in Cisco IOS XE Software Web UI Feature
Multiple (also critical) vulnerabilities were found in Cisco IOS XE Software Web UI that effect devices with HTTP in HTTPS protocols enabled and exposed to the Internet. The most critical is vulnerability CVE-2023-20198 with CVSS score 10.0, which allows a remote,...
Intel downfall vulnerability
A potential security vulnerability in some Intel® Processors may allowinformation disclosure. Intel released firmware updates and an optionalsoftware sequence to mitigate this potential vulnerability. Read more about this vulnerability in the SVG Advisory.
Multiple kernel vulnerabilities in RHEL7, RHEL8 and RHEL9.
Multiple high kernel vulnerabilities were fixed in the RHEL7, RHEL8 and RHEL9. CVEs affecting RHEL9 only: CVE ID/CVSS Score : CVE-2023-3610/7.8CVE ID/CVSS Score : CVE-2023-4147/7.8 CVE ID/CVSS Score : CVE-2023-31248/7.8 CVEs affecting RHEL9 and RHEL8: CVE ID/CVSS...
Critical vulnerability (CVE-2023-32233) in Netfilter nf_tables
A use-after-free flaw was found in the Netfilter nf_tables (net/netfilter/nf_tables_api.c) in the Linux kernel, assigned CVE is CVE-2023-32233.In order to exploit this flaw, the attacker must have CAP_NET_ADMIN privileges and be able to manipulate netfilter entries....
Thematic CERN school of computing on Security 2023
EGI CSIRT has taken part at the Thematic CERN school of computing on Security, which took place from 8th to 14th of October in Split. The school is proposed to people working in academia and research institutes, who need to tackle security in their work and provide...
Recommendations to enhance security
Based on recent incidents in the EGI environment, we would like to point out some of the guidelines and best practices to enhance the security resilience of the resource providers. Prevention Central logging: Ensure that logs are collected centrally by a remote...
