GHSA-WJQC-J537-J9GJ Command injection in git-it-electron

Git-it through 4.4.0 allows OS command injection at the Branches Aren't Just For Birds challenge step. During the verification process, it attempts to run the reflog command followed by the current branch name which is not sanitized for execution...

Windows 10 Mitigations Make Future EternalBlue Attacks Difficult

The emergence of a port of the EternalBlue exploit to Windows 10 signals that white-hat researchers have likely done what the NSA has already long ago accomplished. The leaked version of the powerful Windows SMB attack shared by the ShadowBrokers in April was built only to attack Windows XP and...

Local /tmp vulnerability fixed in ppp-off

A local /tmp bug in the /usr/sbin/ppp-off program was found. This bug could allow a local user to corrupt system files. A fix has been made and an updated package is now available in the -current branch. The package described below will work for users of Slackware 7.0, 7.1, and -current...