Month: abril 2020

Firefox has one of the oldest security bug bounties on the internet, dating back to 2004. From 2017-2019, we paid out $965,750 to researchers across 348 bugs, making the average payout $2,775 – but as you can see in the … Continue readingThe post Firefox’s Bug Bounty in 2019 and into the Future appeared first on Mozilla Security Blog. More info: https://blog.mozilla.org/security/2020/04/23/bug-bounty-2019-and-future/

Did you know that you can track and monitor changes that occur within your WordPress’ site database? This post explains how you can do just that, as well as learn more about the benefits of monitoring WordPress databases and the types of alerts you can receive whenever something has changed within your database. What are […] More info: https://www.wpsecurityauditlog.com/wordpress-security/track-monitor-wordpress-database-changes/

NGINX Controller insecure database transport vulnerability CVE-2020-5865 Security Advisory Security Advisory Description The NGINX Controller is configured to communicate with its Postgres ... More info: https://support.f5.com/csp/article/K21009022?utm_source=f5support&utm_medium=RSS

NGINX Controller vulnerability CVE-2020-5867 Security Advisory Security Advisory Description The NGINX Controller Agent installer script install.sh uses HTTP instead of HTTPS to check and ... More info: https://support.f5.com/csp/article/K00958787?utm_source=f5support&utm_medium=RSS

NGINX Controller vulnerability CVE-2020-5864 Security Advisory Security Advisory Description Communication between NGINX Controller and NGINX Plus instances skip TLS verification by default. (CVE- ... More info: https://support.f5.com/csp/article/K27205552?utm_source=f5support&utm_medium=RSS

OpenSSL vulnerability CVE-2020-1967 Security Advisory Security Advisory Description Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may ... More info: https://support.f5.com/csp/article/K01251345?utm_source=f5support&utm_medium=RSS

NGINX Controller sensitive command-line arguments vulnerability CVE-2020-5866 Security Advisory Security Advisory Description The helper.sh script, which is used optionally in NGINX Controller to ... More info: https://support.f5.com/csp/article/K11922628?utm_source=f5support&utm_medium=RSS

OpenSSH vulnerability CVE-2018-20685 Security Advisory Security Advisory Description In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via ... More info: https://support.f5.com/csp/article/K11315080?utm_source=f5support&utm_medium=RSS

OpenSSH vulnerability CVE-2019-6110 Security Advisory Security Advisory Description In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or ... More info: https://support.f5.com/csp/article/K42531048?utm_source=f5support&utm_medium=RSS

OpenSSH vulnerability CVE-2019-6111 Security Advisory Security Advisory Description An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server ... More info: https://support.f5.com/csp/article/K21350967?utm_source=f5support&utm_medium=RSS