Blog

glibc vulnerability CVE-2016-4429. Security Advisory. Security Advisory Description. Stack-based buffer overflow in the clntudp_call ... More info: https://support.f5.com/csp/article/K17075474

TMM vulnerability CVE-2018-5500. Security Advisory. Security Advisory Description. Every Multipath TCP (MCTCP) connection ... More info: https://support.f5.com/csp/article/K33211839

OpenSSL vulnerability CVE-2016-7056. Security Advisory. Security Advisory Description. The signing function in certain ... More info: https://support.f5.com/csp/article/K32743437

glibc vulnerability CVE-2015-8982. Security Advisory. Security Advisory Description. Integer overflow in the strxfrm function ... More info: https://support.f5.com/csp/article/K71877858

GNU C Library vulnerability CVE-2015-8985. Security Advisory. Security Advisory Description. The pop_fail_stack function ... More info: https://support.f5.com/csp/article/K25552364

BIG-IP TMM vulnerability CVE-2017-6150. Security Advisory. Security Advisory Description. Under certain conditions for ... More info: https://support.f5.com/csp/article/K62712037

Joonun Jang discovered several problems in wavpack, an audiocompression format suite. Incorrect processing of input resulted inseveral heap- and stack-based buffer overflows, leading to applicationcrash or potential code execution. More info: https://www.debian.org/security/2018/dsa-4125

Red Hat Enterprise Linux: An update for rh-dotnet20-dotnet, rh-dotnetcore10-dotnetcore, andrh-dotnetcore11-dotnetcore is now available for .NET Core on Red Hat EnterpriseLinux.Red Hat Product Security has rated this update as having a security impact ofModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. CVE-2018-0764 More info: http://rhn.redhat.com/errata/RHSA-2018-0379.html

Prior to the release of the Mozilla Observatory in June of 2016, I ran a scan of the Alexa Top 1M websites. Despite being available for years, the usage rates of modern defensive security technologies was frustratingly low. A lack … Continue readingThe post Analysis of the Alexa Top 1M Sites appeared first on Mozilla Security Blog. More info: https://blog.mozilla.org/security/2018/02/28/analysis-alexa-top-1m-sites-2/

Two vulnerabilities have been found in Solr, a search server based onLucene, which could result in the execution of arbitrary code orpath traversal. More info: https://www.debian.org/security/2018/dsa-4124