Kernel vulnerability CVE-2017-0861 Security Advisory Security Advisory Description Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows ...
More info:
https://support.f5.com/csp/article/K54212139?utm_source=f5support&utm_medium=RSS
For the last few weeks we’ve seen and blocked an increase in brute-force, credential stuffing, and dictionary attacks targeting the WordPress xmlrpc.php endpoint, on some days exceeding 150 million attacks against 1.9 million sites in a 24-hour period. These attacks attempt to guess the password of an authorized user on a site, and some of […]
More info:
https://www.wordfence.com/blog/2020/12/the-nonenone-brute-force-attacks-even-hackers-need-qa/
It’s not very often that we see abandoned components being used on a website — but when we do, it’s most often because the website was exhibiting malware-like behavior and we were called to investigate and clean up the site. Old and abandoned plugins and themes are a good target for opportunistic attackers who are […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/vKdt2NZpgRI/the-dangers-of-using-abandoned-plugins-themes.html
Contact Form 7, arguably the most widely used WordPress plugin, released a security patch for an unrestricted file upload vulnerability in all versions 5.3.1 and lower. The WordPress plugin directory lists 5+ million sites using Contact Form 7, but we estimate that it has at least 10 million installations. One of the important features of […]
More info:
https://www.wordfence.com/blog/2020/12/a-challenging-exploit-the-contact-form-7-file-upload-vulnerability/
Samba vulnerability CVE-2018-1050 Security Advisory Security Advisory Description All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service ...
More info:
https://support.f5.com/csp/article/K01494912?utm_source=f5support&utm_medium=RSS
