PHP vulnerability CVE-2019-6977 Security Advisory Security Advisory Description gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch ...
More info:
https://support.f5.com/csp/article/K02412162?utm_source=f5support&utm_medium=RSS
Kernel vulnerability CVE-2016-6828 Security Advisory Security Advisory Description The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain ...
More info:
https://support.f5.com/csp/article/K62442245?utm_source=f5support&utm_medium=RSS
https://www.getastra.com/blog/911/japanese-keyword-hack/ Many website owners have contacted us worried about Japanese SEO Spam or Japanese Keyword Hack. In a Japanese keyword hack, auto generated Japanese text starts to appear on your site. This particular Blackhat SEO technique hijacks Google search results by …
More info:
https://www.getastra.com/blog/911/japanese-keyword-hack/
https://www.wordfence.com/blog/2020/03/vulnerabilities-patched-in-popup-builder-plugin-affecting-over-100000-sites/ On March 4th, our Threat Intelligence team discovered several vulnerabilities in Popup Builder, a WordPress plugin installed on over 100,000 sites. One vulnerability allowed an unauthenticated attacker to inject malicious JavaScript into any published popup, which would then be executed whenever the popup loaded. The other vulnerability allowed any logged-in user, even those with
More info:
https://www.wordfence.com/blog/2020/03/vulnerabilities-patched-in-popup-builder-plugin-affecting-over-100000-sites/
https://wpbuffs.com/how-to-secure-wordpress-site/At any moment, your website might be under attack without you knowing it. Bots could be probing your pages, trying to find vulnerabilities to inject malware or gain access to user data. It’s your job to secure your WordPress site so it isn’t low-hanging fruit for them. Although WordPress is secure in and of itself, […]
More info:
https://wpbuffs.com/how-to-secure-wordpress-site/
We wanted to post a quick acknowledgement that VMware will be a part of the 2020 Pwn2Own Contest, this year from our home offices in Palo Alto and Bangalore to review any vulnerabilities that may be demonstrated during the contest. We would like to thank the organizers for inviting us. Stay tuned for further updates. The post VMware and Pwn2Own Vancouver 2020 appeared first on Security & Compliance Blog.
More info:
https://blogs.vmware.com/security/2020/03/vmware-and-pwn2own-vancouver-2020.html
https://www.wpwhitesecurity.com/plugins-suspended-wordpress-repository-security-issue/On 27th February 2020, at 9:34PM (CET) we received an email notifying us that our plugin WP Security Audit Log was “temporarily withdrawn from the WordPress.org Plugin directory due to an exploit”. We submitted a fix on Friday, 28th February 2020, at 4:08PM. It only took us 16.5 hours to release the fix. We would […]
More info:
https://www.wpwhitesecurity.com/plugins-suspended-wordpress-repository-security-issue/
Linux file utility vulnerabilities CVE-2014-8116 and CVE-2014-8117 Security Advisory Security Advisory Description CVE-2014-8116 The ELF parser (readelf.c) in file before 5.21 allows remote ...
More info:
https://support.f5.com/csp/article/K16347?utm_source=f5support&utm_medium=RSS
