Search Exclude < 1.2.4 – Arbitrary Settings Change
More info:
https://wpvulndb.com/vulnerabilities/9870
DSA-4517 exim4 – security update
"Zerons" and Qualys discovered that a buffer overflow triggerable in theTLS negotiation code of the Exim mail transport agent could result in theexecution of arbitrary code with root privileges.
More info:
https://www.debian.org/security/2019/dsa-4517
Linux kernel vulnerability CVE-2014-8134
Linux kernel vulnerability CVE-2014-8134 Security Advisory Security Advisory Description The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper ...
More info:
https://support.f5.com/csp/article/K17120
Linux kernel vulnerability CVE-2014-8134
Linux kernel vulnerability CVE-2014-8134 Security Advisory Security Advisory Description The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper ...
More info:
https://support.f5.com/csp/article/K17120
ECPay Logistics for WooCommerce <= 1.2.181030 – Unauthenticated Reflected XSS
More info:
https://wpvulndb.com/vulnerabilities/9869
WordPress <= 5.2.2 – Cross-Site Scripting (XSS) in URL Sanitisation
https://wpvulndb.com/vulnerabilities/9867
More info:
https://wpvulndb.com/vulnerabilities/9867
QEMU vulnerability CVE-2019-14378
QEMU vulnerability CVE-2019-14378 Security Advisory Security Advisory Description ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles ...
More info:
https://support.f5.com/csp/article/K25423748
Episode 43: Wordfence Research on Malvertising Campaign Makes the News
https://www.wordfence.com/blog/2019/09/episode-43-wordfence-research-on-malvertising-campaign-makes-the-news/ This week, we chat about the plan for WordPress 5.3 and some of the new features we will see added to WordPress in November, including many improvements to the editor. We will also see a switch from robots.txt files to meta tags for better control over search engine indexing. We also cover the latest […]
More info:
https://www.wordfence.com/blog/2019/09/episode-43-wordfence-research-on-malvertising-campaign-makes-the-news/
The WordPress 5.2.3 Security Release Unpacked
https://www.wordfence.com/blog/2019/09/the-wordpress-5-2-3-security-release-unpacked/ WordPress core version 5.2.3 has just been released. This is a security release which contains several fixes. I’m going to detail each of them below and unpack what each fix means and add any additional info that may be relevant. Seven of the eight vulnerabilities fixed in this release are cross site scripting (XSS) vulnerabilities. […]
More info:
https://www.wordfence.com/blog/2019/09/the-wordpress-5-2-3-security-release-unpacked/
ECPay Logistics for WooCommerce <= 1.2.181030 – Unauthenticated Reflected XSS
https://wpvulndb.com/vulnerabilities/9869
More info:
https://wpvulndb.com/vulnerabilities/9869