Day: 14 abril, 2018

Publicado el

Drupal core – Highly critical – Remote Code Execution – SA-CORE-2018-002

Project: Drupal coreDate: 2018-March-28Security risk: Highly critical 22∕25 AC:None/A:None/CI:All/II:All/E:Proof/TD:DefaultVulnerability: Remote Code Execution Description: CVE: CVE-2018-7600A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.The security team has written an FAQ about this More info: https://www.drupal.org/sa-core-2018-002
Publicado el

PHP vulnerability CVE-2016-5768

PHP vulnerability CVE-2016-5768. Security Advisory. Security Advisory Description. Double free vulnerability in the ... More info: https://support.f5.com/csp/article/K95432245
Publicado el

DSA-4171 ruby-loofah – security update

The Shopify Application Security Team reported that ruby-loofah, ageneral library for manipulating and transforming HTML/XML documents andfragments, allows non-whitelisted attributes to be present in sanitizedoutput when input with specially-crafted HTML fragments. This mightallow to mount a code injection attack into a browser consumingsanitized output. More info: https://www.debian.org/security/2018/dsa-4171
Publicado el

Drupal core – Highly critical – Remote Code Execution – SA-CORE-2018-002

Project: Drupal coreDate: 2018-March-28Security risk: Highly critical 24∕25 AC:None/A:None/CI:All/II:All/E:Exploit/TD:DefaultVulnerability: Remote Code Execution Description: CVE: CVE-2018-7600A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.The security team has written an FAQ about this More info: https://www.drupal.org/sa-core-2018-002
Acceso Administrador
Translate »