Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service.
More info:
https://www.debian.org/security/2018/dsa-4287
August 21, 2018 4:00 AM PDT CVE Identifiers: CVE-2018-5390 (SegmentSmack), CVE-2018-5391 (FragmentSmack) AWS is aware of two recently-disclosed security issues, commonly referred to as SegmentSmack and FragmentSmack, both of which affect the TCP and IP processing subsystem of several popular operating systems including Linux. With the exception of the AWS services listed below, no customer action is required to address these issues. Customers not using Amazon Linux should contact their
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2018-018/
Tavis Ormandy discovered multiple vulnerabilities in Ghostscript, an interpreter for the PostScript language, which could result in denial of service, the creation of files or the execution of arbitrary code if a malformed PostScript file is processed (despite the dSAFER sandbox being enabled).
More info:
https://www.debian.org/security/2018/dsa-4288
Several vulnerabilities have been discovered in the chromium web browser.
More info:
https://www.debian.org/security/2018/dsa-4289
BIG-IP Configuration utility vulnerability CVE-2015-4040. Security Advisory. Security Advisory Description. Directory traversal ...
More info:
https://support.f5.com/csp/article/K17253
More info:
https://wpvulndb.com/vulnerabilities/9124
Apache Tomcat vulnerability CVE-2018-1336. Security Advisory. Security Advisory Description. An improper handling of overflow ...
More info:
https://support.f5.com/csp/article/K73008537
BIG-IP APM redirect vulnerability CVE-2018-5548. Security Advisory. Security Advisory Description. An insecure AES ECB ...
More info:
https://support.f5.com/csp/article/K66171422
This is the fourth post in a series of articles on understanding the Payment Card Industry Data Security Standard – PCI DSS. We want to show how PCI DSS can help anyone going through the compliance process using the PCI SAQs (Self Assessment Questionnaires). In the previous articles we have written about PCI, we […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/oBrZAjVphwM/pci-for-smb-requirement-5-6-maintain-a-vulnerability-management-program.html