Blog

More info: https://wpvulndb.com/vulnerabilities/9099

The new Firefox Monitor service will use anonymized range query API endpoints from Have I Been Pwned (HIBP). This new Firefox feature allows users to check for compromised online accounts while preserving their privacy. Anonymizing Account Identifiers Operations like ‘search’ … Continue readingThe post Scanning for breached accounts with k-Anonymity appeared first on Mozilla Security Blog. More info: https://blog.mozilla.org/security/2018/06/25/scanning-breached-accounts-k-anonymity/

RHN Satellite and Proxy: An update for java-1.8.0-ibm is now available for Red Hat Satellite 5.8.Red Hat Product Security has rated this update as having a security impact ofModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. CVE-2018-2783, CVE-2018-2790, CVE-2018-2794, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, CVE-2018-2799, CVE-2018-2800 More info: http://rhn.redhat.com/errata/RHSA-2018-1975.html

TLS vulnerability CVE-2015-4000. Security Advisory. Security Advisory Description. The TLS protocol 1.2 and earlier, when ... More info: https://support.f5.com/csp/article/K16674

Two vulnerabilities were discovered in LAVA, a continuous integrationsystem for deploying operating systems for running tests, which couldresult in information disclosure of files readable by the lavaserversystem user or the execution of arbitrary code via a XMLRPC call. More info: https://www.debian.org/security/2018/dsa-4234

Project: Drupal coreDate: 2018-April-25Security risk: Highly critical 20∕25 AC:Basic/A:User/CI:All/II:All/E:Exploit/TD:DefaultVulnerability: Remote Code ExecutionCVE IDs: CVE-2018-7602Description: A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical More info: https://www.drupal.org/sa-core-2018-004

Project: Drupal coreDate: 2018-March-28Security risk: Highly critical 24∕25 AC:None/A:None/CI:All/II:All/E:Exploit/TD:DefaultVulnerability: Remote Code Execution CVE IDs: CVE-2018-7600Description: A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.The security team has written an FAQ about this More info: https://www.drupal.org/sa-core-2018-002

RHN Satellite and Proxy: An update for java-1.7.1-ibm is now available for Red Hat Satellite 5.6 and RedHat Satellite 5.7.Red Hat Product Security has rated this update as having a security impact ofModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. CVE-2018-2783, CVE-2018-2790, CVE-2018-2794, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, More info: http://rhn.redhat.com/errata/RHSA-2018-1974.html

Two vulnerabilities were discovered in LAVA, a continuous integrationsystem for deploying operating systems for running tests, which couldresult in information disclosure of files readable by the lavaserversystem user or the execution of arbitrary code via a XMLRPC call. More info: https://www.debian.org/security/2018/dsa-4234

https://wpvulndb.com/vulnerabilities/9098 More info: https://wpvulndb.com/vulnerabilities/9098