Lucene search
K

6 matches found

ThreatPost
ThreatPost
added 2019/10/22 7:44 p.m.165 views

Open Redirect Bug in Bridge Theme Plugin Opens Admins to Spearphishing

Two open-redirect vulnerabilities in Bridge, a commercial WordPress theme purchased more than 120,000 times, would allow an attacker to mount spearphishing attacks against site administrators. An open redirect vulnerability can be used to hide malicious links behind URLs for legitimate domains. F...

6CVSS7.4AI score0.02606EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2019/10/18 3:55 p.m.165 views

Four-Year-Old Critical Linux Wi-Fi Bug Allows System Compromise

A critical Linux bug has been discovered that could allow attackers to fully compromise vulnerable machines. A fix has been proposed but has not yet been incorporated into the Linux kernel. The flaw CVE-2019-17666, which was classified as critical in severity, exists in the “rtlwifi” driver, whic...

9CVSS1.1AI score0.99965EPSS
Exploits30References12
ThreatPost
ThreatPost
added 2019/10/15 3:55 p.m.103 views

Sudo Bug Opens Root Access on Linux Systems

A vulnerability in Sudo, a core command utility for Linux, could allow a user to execute commands as a root user even if that root access has been specifically disallowed. Sudo is a utility that allows a system administrator to give certain users or groups of users the ability to run commands in...

9CVSS1.3AI score0.63917EPSS
Exploits10References6
ThreatPost
ThreatPost
added 2019/09/30 5:2 p.m.99 views

New Bug Found in NSA’s Ghidra Tool

A medium severity bug reported on Saturday impacts Ghidra, a free, open-source software reverse-engineering tool released by the National Security Agency earlier this year. The vulnerability allows a remote attacker to compromise exposed systems, according to a NIST National Vulnerability Databas...

7.8CVSS0.1AI score0.05133EPSS
Exploits7References9
ThreatPost
ThreatPost
added 2019/09/30 2:12 p.m.241 views

Critical Exim Flaw Opens Servers to Remote Code Execution

A patch has been issued for a critical flaw in the Exim email server software, which could potentially open Exim-based servers up to denial of service or remote code execution attacks. Exim, which is free software used on Unix-like operating systems including Linux or Mac OSX, serves as a mail...

7.5CVSS1.4AI score0.99961EPSS
Exploits28References10
ThreatPost
ThreatPost
added 2019/09/27 2:39 p.m.85 views

Microsoft Blacklists Dozens of New File Extensions in Outlook

Microsoft is banning almost 40 new types of file extensions on its Outlook email platform. The aim is to protect email users from what it deems “at-risk” file attachments, which are typically sent with malicious scripts or executables. The move will prevent users from downloading email attachment...

7.1AI score
Exploits0References8
Rows per page
Query Builder