Author Archives: CIRT Team



CIRT Team

in Security Advisories & Alerts

Drupal Releases Critical Security Updates

Description: A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core – Highly critical – Remote Code Execution –...

Read more

0
26 Apr 2018
in Security Advisories & Alerts

Apple Releases Security Updates !

Description: Apple has released security updates to address vulnerabilities in multiple products. The following is titled under this update : Safari 11.1 macOS High Sierra 10.13.4 iOS 11.3.1 Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor...

Read more

0
25 Apr 2018
in Security Advisories & Alerts

Cisco Releases Security Updates

Description: Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The following products are covered by the updates : Cisco WebEx Clients Remote Code Execution Vulnerability cisco-sa-20180418-wbs(link is external) Cisco UCS Director Virtual...

Read more

0
19 Apr 2018
in Security Advisories & Alerts

Drupal Releases Security Updates

Description: CKEditor, a third-party JavaScript library included in Drupal core, has fixed a cross-site scripting (XSS) vulnerability. The vulnerability stemmed from the fact that it was possible to execute XSS inside CKEditor when using the image2 plugin (which Drupal 8 core also uses). We would like to thank the CKEditor team for patching...

Read more

0
19 Apr 2018
in News Clipping

Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password [source: thehackernews]

A security researcher has disclosed details of an important vulnerability in Microsoft Outlook for which the company released an incomplete patch this month—almost 18 months after receiving the responsible disclosure report. The Microsoft Outlook vulnerability (CVE-2018-0950) could allow attackers to steal sensitive information, including users’ Windows login credentials, just by convincing...

Read more

0
19 Apr 2018
in Security Advisories & Alerts

Oracle Critical Patch Update – April 2018

Description: A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier...

Read more

0
18 Apr 2018
in Security Advisories & Alerts

VMware Releases Security Updates

Description: VMware has released security updates to address a vulnerability in vRealize Automation. Impact: An attacker could exploit this vulnerability to take control of an affected system. Mitigation: Apply an update. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2018-0009.html

0
17 Apr 2018
Page 31 of 94« First...1020...2930313233...405060...Last »