Security Advisories & Alerts


Apple Swift CVE-2018-4220 Arbitrary Code Execution Vulnerability

Description: Apple Swift is prone to an arbitrary code-execution vulnerability. Impact: A remote attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition. Mitigation: Updates are available. Please see the references or vendor advisory for more...

Read more


Multiple Devices Integrated GPUs CVE-2018-10229 Security Bypass Vulnerability

Description: A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API. Impact: Upon visiting a malicious or compromised website with a vulnerable device, an attacker may be able to bypass security features provided by the web browser. Mitigation: Apply...

Read more


QEMU CVE-2017-15124 Denial of Service Vulnerability

Description: VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto...

Read more


OpenStack Nova CVE-2017-18191 Local Denial of Service Vulnerability

Description: An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error...

Read more


Memory double free vulnerability on Huawei smartphones (CVE-2017-17320)

Description: Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a memory double free vulnerability. The system does not manage the memory properly, that frees on the same memory address twice. An attacker tricks the user who has root privilege to install a crafted application, successful exploit...

Read more


Microsoft Releases Critical Security Updates

Description: A remote code execution vulnerability exists when the Windows Host Compute Service Shim (hcsshim) library fails to properly validate input while importing a container image. To exploit the vulnerability, an attacker would place malicious code in a specially crafted container image which, if an authenticated administrator imported (pulled), could...

Read more


Multiple Vulnerabilities in PHP

Description: Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software...

Read more


Page 10 of 32« First...89101112...2030...Last »