Zero-Day Vulnerability in Yellow Pencil Visual Theme Customizer Exploited in the Wild

On Monday the WordPress plugin Yellow Pencil Visual Theme Customizer was closed in the WordPress.org plugin repository. The plugin is quite popular, with an active install base of over 30,000 websites. On Tuesday a security researcher made the irresponsible and dangerous decision to publish a blog post including a proof of concept (POC) detailing […] More info: https://www.wordfence.com/blog/2019/04/zero-day-vulnerability-in-yellow-pencil-visual-theme-customizer-exploited-in-the-wild/

New VMware Security Advisory VMSA-2019-0006

Today, VMware has released the following new security advisory: VMSA-2019-0006 – VMware ESXi, Workstation and Fusion updates address multiple out-of-bounds read vulnerabilities. This advisory documents Important Severity issues. Issue (a): VMware ESXi, Workstation and Fusion updates address an out-of-bounds vulnerability (CVE-2019-5516) with the vertex shader functionality. Exploitation of this issue requires an attacker to have […] More info: https://blogs.vmware.com/security/2019/04/new-vmware-security-advisory-vmsa-2019-0006.html

SQL Injection in Advance Contact Form 7 DB

As part of our regular research audits for our Sucuri Firewall, we discovered an SQL injection vulnerability affecting 40,000+ users of the Advanced Contact Form 7 DB WordPress plugin. Current State of the Vulnerability: This plugin saves all Contact Form 7 submissions to the database using a friendly interface. Though the bug has been […] More info: http://feedproxy.google.com/~r/sucuri/blog/~3/KQUmgWo_uqQ/sql-injection-in-advance-contact-form-7-db.html

Linux kernel vulnerability CVE-2019-3701

Security Advisory Description: An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN ... More info: https://support.f5.com/csp/article/K17957133