3242 matches found
Important: Red Hat Security Advisory: openwsman security update
An update for openwsman is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites
If for some reason your WordPress-based website has not yet been automatically updated to the latest version 5.1.1, it's highly recommended to immediately upgrade it before hackers could take advantage of a newly disclosed vulnerability to hack your website. Simon Scannell, a researcher at RIPS...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 3.9 haproxy security update
An update for haproxy is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
openSUSE Security Update : gdm (openSUSE-2019-310)
This update for gdm fixes the following issues: Security issue fixed: - CVE-2019-3825: Fixed a lock screen bypass when timed login was enabled (bsc#1124628). Other issues fixed: - GLX applications do not work well when the proprietary nvidia driver is used with a wayland session. Because of that...
Critical: Red Hat Security Advisory: java-1.8.0-ibm security update
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Podcast: RSA Conference 2019 Preview
The RSA 2019 conference is right around the corner, kicking off next week in San Francisco. As they prepare to cover the show, Threatpost editors Lindsey O’Donnell, Tom Spring and Tara Seals break down the biggest news, stories and trends – from artificial intelligence and government security to...
CVE-2019-9077
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section...
UBUNTU-CVE-2019-9077
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section...
Heap overflow
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update
An update is now available for JBoss Core Services on RHEL 6 and RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
The vulnerability of the `ignore_section_sym` function in the GNU Binutils development environment allows a hacker to trigger a service failure.
The vulnerability of the ignore_section_sym function in the GNU Binutils development toolset is related to the lack of NULL check and the assignment of the output_section pointer when writing a symtab with the type “SECTION”. Exploitation of this vulnerability could allow an attacker to cause servic...
DEBIAN-CVE-2019-7704
wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binaryen 1.38.22 triggers an attempt at excessive memory allocation, as demonstrated by wasm-merge and wasm-opt...
SuiteCRM 7.10.7 - record SQL Injection
SuiteCRM 7.10.7 - record SQL Injection Exploit Title: SuiteCRM 7.10.7 - 'record' SQL Vulnerabilities Dork: N/A Date: 03-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://suitecrm.com/ Software Link: https://suitecrm.com/download/ Version: 7.10.7 Category: Webapps Tested on: Wampp...
Microsoft Windows 10 - RestrictedErrorInfo Unmarshal Section Handle Use-After-Free
Microsoft Windows 10 - RestrictedErrorInfo Unmarshal Section Handle Use-After-Free Windows: RestrictedErrorInfo Unmarshal Section Handle UAF EoP Platform: Windows 10 1709/1809 Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The WinRT...
KLA11402 Spoofing vulnerability in Microsoft Office
Spoofing vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability remotely via specially crafted request to spoof user interface. Original advisories CVE-2019-0624 Related products Microsoft-Lync Microsoft-Office CVE list CVE-2019-0624 warning KB list 3061064...