Linux kernel vulnerability CVE-2018-16882 Security Advisory Security Advisory Description A use-after-free issue was found in the way the Linux kernels KVM hypervisor processed posted interrupts ...
More info:
https://support.f5.com/csp/article/K80557033
Linux kernel KVM subsystem vulnerability CVE-2019-6974 Security Advisory Security Advisory Description In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles ...
More info:
https://support.f5.com/csp/article/K11186236
Linux kernel KVM subsystem vulnerability CVE-2019-6974 Security Advisory Security Advisory Description In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles ...
More info:
https://support.f5.com/csp/article/K11186236
http://feedproxy.google.com/~r/sucuri/blog/~3/zwipU_PCCcw/thinkphp-5-x-remote-code-execution.html Earlier this year, we noticed an increase in attacks aiming at ThinkPHP, which is a PHP framework that is very popular in Asia. If you keep track of your site’s activity, the following log may look familiar: POST: /index.php?s=captcha HTTP/1.1 Data: _method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=uname&ipconfig In December 2018, a working exploit was
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/zwipU_PCCcw/thinkphp-5-x-remote-code-execution.html
Several vulnerabilities have been discovered in the Rubygems included inthe interpreter for the Ruby language, which may result in denial ofservice or the execution of arbitrary code.
More info:
https://www.debian.org/security/2019/dsa-4433
Cedric Buissart discovered two vulnerabilities in Ghostscript, the GPLPostScript/PDF interpreter, which could result in bypass of file systemrestrictions of the dSAFER sandbox.
More info:
https://www.debian.org/security/2019/dsa-4432
https://www.wordfence.com/blog/2019/04/podcast-episode-7-the-tyler-lau-interview-assange-thought-experiments-airbnb-scams-and-more/ This week we look at the Assange arrest, an irresponsible security researcher affecting the WordPress community and do a bit of a thought experiment. We also look at Google’s Sensorvault and how it’s being used by law enforcement, the fascinating rise and fall of the Bayrob malware gang, and some tips for avoiding […]
More info:
https://www.wordfence.com/blog/2019/04/podcast-episode-7-the-tyler-lau-interview-assange-thought-experiments-airbnb-scams-and-more/
Project: Drupal coreDate: 2019-April-17Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:DefaultVulnerability: Multiple Vulnerabilities Description: This security release fixes third-party dependencies included in or required by Drupal core. CVE-2019-10909: Escape validation messages in the PHP templating engine. From that advisory:Validation messages were not escaped when using the form theme of the PHP templating engine which, when validation messages
More info:
https://www.drupal.org/sa-core-2019-005
BIG-IP URL classification vulnerability CVE-2019-6610 Security Advisory Security Advisory Description The BIG-IP system is vulnerable to a denial-of-service (DoS) attack when performing URL ...
More info:
https://support.f5.com/csp/article/K42465020
BIG-IP URL classification vulnerability CVE-2019-6610 Security Advisory Security Advisory Description The BIG-IP system is vulnerable to a denial-of-service (DoS) attack when performing URL ...
More info:
https://support.f5.com/csp/article/K42465020
