If you haven’t updated your WordPress website since October 2013, this wouldn’t affect you, but we strongly hope that is not the case! There’s a new object injection vulnerability which affects WordPress versions 3.7 to 5.7.1. Be sure to get updated to 5.7.2 as soon as possible! According to WPScan, the new object injection vulnerability […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/VCJQNfh0UI4/object-injection-vulnerability-affects-wordpress-versions-3-7-to-5-7-1.html
On March 13, 2021, the Wordfence Threat Intelligence team initiated responsible disclosure for a vulnerability in WP Statistics, a plugin installed on over 600,000 WordPress sites. The vulnerability allowed any site visitor to extract sensitive information from a site’s database via Time-Based Blind SQL Injection. We received a response to our initial disclosure the same […]
More info:
https://www.wordfence.com/blog/2021/05/over-600000-sites-impacted-by-wp-statistics-patch/
Email is arguably the most common electronic communication medium on Earth. It’s used for everything, from communication to alert notifications, to password reset flows and email-based Two-factor Authentication (2FA). As a website owner sending email from your WordPress site, there are a few issues you’ll likely encounter. If you simply try and install a plugin […]
More info:
https://www.wpwhitesecurity.com/wordpress-email-deliverability/
BIND vulnerability CVE-2021-25214 (Security Advisory). Description: In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8- ...
More info:
https://support.f5.com/csp/article/K11426315?utm_source=f5support&utm_medium=RSS
BIND vulnerability CVE-2021-25215 (Security Advisory). Description: In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 ...
More info:
https://support.f5.com/csp/article/K96223611?utm_source=f5support&utm_medium=RSS
Linux kernel vulnerability CVE-2019-20811 (Security Advisory). Description: An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_ ...
More info:
https://support.f5.com/csp/article/K52525232?utm_source=f5support&utm_medium=RSS
When two major vulnerabilities known as Meltdown and Spectre were disclosed by security researchers in early 2018, Firefox promptly added security mitigations to keep you safe. Going forward, however, it … The post “Introducing Site Isolation in Firefox” appeared first on Mozilla Security Blog.
More info:
https://blog.mozilla.org/security/2021/05/18/introducing-site-isolation-in-firefox/
Gdk-pixbuf vulnerability CVE-2017-2862 (Security Advisory). Description: An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality ...
More info:
https://support.f5.com/csp/article/K36984830?utm_source=f5support&utm_medium=RSS
OpenSSL vulnerability CVE-2016-6306 (Security Advisory). Description: The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a ...
More info:
https://support.f5.com/csp/article/K90492697?utm_source=f5support&utm_medium=RSS
Linux kernel vulnerability CVE-2020-14331 (Security Advisory). Description: A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when ...
More info:
https://support.f5.com/csp/article/K10429441?utm_source=f5support&utm_medium=RSS