https://www.wordfence.com/blog/2019/09/authentication-bypass-vulnerability-in-givewp-plugin/ Description: Authentication Bypass with Information DisclosureCVSS v3.0 Score: 7.5 (High)CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NAffected Plugin: GiveWPPlugin Slug: giveAffected Versions: <= 2.5.4Patched Version: 2.5.5 A few weeks ago, our Threat Intelligence team discovered a vulnerability present in GiveWP, a WordPress plugin installed on over 70,000 websites. The weakness
More info:
https://www.wordfence.com/blog/2019/09/authentication-bypass-vulnerability-in-givewp-plugin/
Linux kernel vulnerability CVE-2007-6762 Security Advisory Security Advisory Description In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it ...
More info:
https://support.f5.com/csp/article/K05342145
Linux kernel vulnerability CVE-2007-6762 Security Advisory Security Advisory Description In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it ...
More info:
https://support.f5.com/csp/article/K05342145
It was discovered that the Lemonldap::NG web SSO system did not restrictOIDC authorization codes to the relying party.
More info:
https://www.debian.org/security/2019/dsa-4533
It was discovered that the Lemonldap::NG web SSO system did not restrictOIDC authorization codes to the relying party.
More info:
https://www.debian.org/security/2019/dsa-4533
Linux kernel vulnerability CVE-2019-12456 Security Advisory Security Advisory Description ** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/ ...
More info:
https://support.f5.com/csp/article/K84310302
http://feedproxy.google.com/~r/sucuri/blog/~3/C0lXQcD0tyc/zero-day-rce-in-vbulletin-v5-0-0-v5-5-4.html A new remote code execution (RCE) zero-day vulnerability has been disclosed by an anonymous researcher on the Full Disclosure mailing list this past Monday. This vulnerability is extremely severe. It allows any website visitors to run PHP code and shell commands on the site’s underlying server. Am I At Risk? At the time of writing […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/C0lXQcD0tyc/zero-day-rce-in-vbulletin-v5-0-0-v5-5-4.html
Several vulnerabilities have been discovered in the Linux kernel thatmay lead to a privilege escalation, denial of service or informationleaks.
More info:
https://www.debian.org/security/2019/dsa-4531
Apache Traffic Control vulnerability CVE-2019-12405 Security Advisory Security Advisory Description Improper authentication is possible in Apache Traffic Control versions 3.0.0 and 3.0.1 if LDAP ...
More info:
https://support.f5.com/csp/article/K84141859
https://ithemes.com/wordpress-security-infographics/Love infographics? We do, too! From WordPress security basics to how to secure your website, we have 8 WordPress security infographics for you to download and share. 1. Five Ways to Secure Your WordPress Website It feels like every week there’s another security breach in the news. It can cause panic, especially when we think […]
More info:
https://ithemes.com/wordpress-security-infographics/
