Debian: DSA-5043-1: lxml security update
It was discovered that lxml, a Python binding for the libxml2 and libxslt libraries, does not properly sanitize its input, which could lead to cross-site scripting.
USN-5210-1 introduced a regression in the Linux kernel.
Several vulnerabilities have been discovered in Epiphany, the GNOME web browser, allowing XSS attacks under certain circumstances. For the stable distribution (bullseye), these problems have been fixed in
lxml could be made to execute arbitrary code if it received a specially crafted XML or HTML file.
Several security issues were fixed in Ghostscript.
This is the second service release to update the new stable version 1.5. It provides a bunch of small fixes and improvements to the OAuth feature as well as a security fix to a recently reported XSS vulnerability. See the full changelog in the [release notes](https://github.com/roundcube/roundcubemail/releases/tag/1.5.2) on the
Security fix for CVE-2020-16156
Netcraft has seen a large increase in survey scams impersonating well-known banks as a lure. These are often run under the guise of a prize in celebration of the bank’s anniversary, though in some cases a reward is promised just for participating.
These scams first came to Netcraft’s attention around 16 months ago, when businesses that were particularly useful during lockdown, such as supermarkets, mobile phone networks, and delivery companies, were targeted. The expansion of these attacks to use banks as a lure started in October 2021. To date we have seen over 75 distinct banks used as lures for these survey scams, with a global spread including banks from the US, UK, Asia, and the Middle East.