Lucene search
K

182 matches found

Fedora
Fedora
added 2019/08/05 1:41 a.m.56 views

[SECURITY] Fedora 29 Update: python3-3.7.4-1.fc29

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

9.8CVSS2.1AI score0.20743EPSS
Exploits2
Fedora
Fedora
added 2019/05/27 3:24 a.m.83 views

[SECURITY] Fedora 29 Update: python3-3.7.3-3.fc29

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

9.8CVSS2.1AI score0.20743EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2019/05/22 12:0 a.m.15 views

Drupal 7.x < 7.67 Third-Party Libraries Vulnerability

According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.67, 8.6.x prior to 8.6.16, or 8.7.x prior to 8.7.1. It is, therefore, affected by a path traversal vulnerability. This security release fixes third-party dependencies included in or...

9.8CVSS9.8AI score0.05586EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/05/22 12:0 a.m.18 views

Drupal 8.6.x < 8.6.16 Third-Party Libraries Vulnerability

According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.67, 8.6.x prior to 8.6.16, or 8.7.x prior to 8.7.1. It is, therefore, affected by a path traversal vulnerability. This security release fixes third-party dependencies included in or...

9.8CVSS9.8AI score0.05586EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/05/22 12:0 a.m.13 views

Drupal 8.7.x < 8.7.1 Third-Party Libraries Vulnerability

According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.67, 8.6.x prior to 8.6.16, or 8.7.x prior to 8.7.1. It is, therefore, affected by a path traversal vulnerability. This security release fixes third-party dependencies included in or...

9.8CVSS9.8AI score0.05586EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2019/05/09 12:0 a.m.113 views

Drupal Third-party Libraries Vulnerability (SA-CORE-2019-007) - Windows

Drupal is prone to a vulnerability in the 3rd party library Phar Stream Wrapper. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS6.7AI score0.05586EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/05/09 12:0 a.m.92 views

Drupal Third-party Libraries Vulnerability (SA-CORE-2019-007) - Linux

Drupal is prone to a vulnerability in the 3rd party library Phar Stream Wrapper. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS6.7AI score0.05586EPSS
Exploits0References2
Drupal
Drupal
added 2019/05/08 12:0 a.m.70 views

Drupal core - Moderately critical - Third-party libraries - SA-CORE-2019-007

This security release fixes third-party dependencies included in or required by Drupal core. As described in TYPO3-PSA-2019-007: By-passing protection of Phar Stream Wrapper Interceptor: In order to intercept file invocations like fileexists or stat on compromised Phar archives the base name has ...

9.8CVSS1.3AI score0.05586EPSS
Exploits0References13
Fedora
Fedora
added 2019/03/29 7:41 p.m.39 views

[SECURITY] Fedora 30 Update: python3-3.7.2-8.fc30

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

9.8CVSS2.1AI score0.08811EPSS
Exploits0
Fedora
Fedora
added 2019/01/24 4:34 a.m.45 views

[SECURITY] Fedora 29 Update: python3-3.7.2-4.fc29

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

7.5CVSS2.1AI score0.20743EPSS
Exploits1
Fedora
Fedora
added 2019/01/19 1:55 a.m.11 views

[SECURITY] Fedora 28 Update: python3-3.6.8-1.fc28

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

2.1AI score
Exploits0
Drupal
Drupal
added 2019/01/16 12:0 a.m.80 views

Drupal core - Critical - Third Party Libraries - SA-CORE-2019-001

Drupal core uses the third-party PEAR ArchiveTar library. This library has released a security update which impacts some Drupal configurations. Refer to CVE-2018-1000888 for details...

8.8CVSS1.7AI score0.19207EPSS
Exploits5References13
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.31 views

Fedora 28 : clamav (2018-eff94da132)

ClamAV 0.100.2 has been released! This is a patch release to address several vulnerabilities. Fixes for the following ClamAV vulnerabilities: CVE-2018-15378: Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial-of-service DoS...

8.8CVSS6.8AI score0.03806EPSS
Exploits0References6
Hacker One
Hacker One
added 2018/07/10 8:42 a.m.32 views

Nextcloud: Missing memory corruption protection on Windows release built

Hi, we have noticed that the Windows Desktop Client doesn't enable the protections ASLR and DEP and others. These protections are per-default enabled since approximately 10 years in Visual Studio and are very important because they make exploitation a lot harder or even make some vulnerabilities...

2.1CVSS1AI score0.00351EPSS
Exploits0
Imperva Blog
Imperva Blog
added 2018/04/13 4:12 p.m.65 views

Securing Modern Web Applications: Threats and Types of Attacks

Web Application Firewalls are the most advanced firewall capabilities available to IT teams. Deploying the appropriate WAF is important, especially these days when the security threat landscape is changing so rapidly. In a previous post, we introduced Web Application Firewalls: Securing Modern We...

0.6AI score
Exploits0
Fedora
Fedora
added 2018/04/06 11:10 a.m.43 views

[SECURITY] Fedora 28 Update: python3-3.6.5-1.fc28

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

7.5CVSS2.1AI score0.05103EPSS
Exploits1
Kitploit
Kitploit
added 2017/12/29 1:5 p.m.15 views

Merlin - A cross-platform post-exploitation HTTP/2 Command & Control server and agent

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. An introductory blog post can be found here: https://medium.com/@Ne0nd0g/introducing-merlin-645da3c635a Getting Started The quickest and easiest way to start using Merlin is download the...

7.5AI score
Exploits0References3
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2017/03/29 12:0 a.m.40 views

Stable Channel Updates for Chrome OS

The Stable channel has been updated to 57.0.2987.137 Platform version: 9202.60.0 for all Chrome OS devices except AOpen Chromebase Mini, AOpen Chromebox Mini, Google Chromebook Pixel 2015, ASUS Chromebook Flip C100PA, Samsung Chromebook Plus. This build contains a number of bug fixes, security...

9.6CVSS9.9AI score0.02557EPSS
Exploits0Affected Software1
ThreatPost
ThreatPost
added 2016/12/15 10:0 a.m.55 views

Code Reuse a Peril for Secure Software Development

The amount of insecure software tied to reused third-party libraries and lingering in applications long after patches have been deployed is staggering. It’s a habitual problem perpetuated by developers failing to vet third-party code for vulnerabilities, and some repositories taking a hands-off...

9.1AI score0.99993EPSS
Exploits41References11
n0where
n0where
added 2016/11/03 6:18 a.m.93 views

Automated Security Response: Falcon Orchestrator

CrowdStrike Falcon Orchestrator is an extendable Windows-based application that provides workflow automation, case management and security response functionality. The tool leverages the highly extensible APIs contained within the CrowdStrike Falcon Connect program. Falcon Orchestrator has only be...

0.3AI score
Exploits0References2
Rows per page
Query Builder