WordPress 5.6 was released this week with a new feature called application passwords. In this episode we talk about how application passwords work, where to find them in your WordPress installation, and why Wordfence decided to turn these off by default in version 7.4.14. We also talk about a new Magecart attack that places card […]
More info:
https://www.wordfence.com/blog/2020/12/episode-98-how-application-passwords-work-in-wordpress-5-6/
libarchive vulnerability CVE-2017-14503 Security Advisory. Description: libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_ ...
More info:
https://support.f5.com/csp/article/K18252740?utm_source=f5support&utm_medium=RSS
Apache Struts vulnerability CVE-2012-0391 Security Advisory. Description: The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL ...
More info:
https://support.f5.com/csp/article/K20127031?utm_source=f5support&utm_medium=RSS
Apache Struts vulnerability CVE-2012-0392 Security Advisory. Description: The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, ...
More info:
https://support.f5.com/csp/article/K13434228?utm_source=f5support&utm_medium=RSS
BIND vulnerability CVE-2020-8624 Security Advisory. Description: In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9 ...
More info:
https://support.f5.com/csp/article/K91090139?utm_source=f5support&utm_medium=RSS
OpenJDK vulnerability CVE-2020-14792 Security Advisory. Description: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Supported ...
More info:
https://support.f5.com/csp/article/K33606035?utm_source=f5support&utm_medium=RSS
F5 TMM vulnerability CVE-2020-5950 Security Advisory. Description: An early syncookie leaks forwarding flows if the virtual server has Clustered Multiprocessing (CMP) disabled and ...
More info:
https://support.f5.com/csp/article/K05204103?utm_source=f5support&utm_medium=RSS
BIND vulnerability CVE-2020-8623 Security Advisory. Description: In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 ...
More info:
https://support.f5.com/csp/article/K82252291?utm_source=f5support&utm_medium=RSS
OpenSSL vulnerability CVE-2020-1968 Security Advisory. Description: The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute ...
More info:
https://support.f5.com/csp/article/K92451315?utm_source=f5support&utm_medium=RSS