Security Advisories & Alerts

Microsoft Releases September 2017 Security Updates

Description:  Microsoft releases security updates for September 17. This release consists of security updates for the following software: Microsoft Excel 2016 for Mac Microsoft Office 2016 for Mac Microsoft .NET Framework Windows Server 2008 Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation:...

Read more

Sudo CVE-2017-1000368 Incomplete Fix Local Privilege Escalation Vulnerability

Description:  Todd Miller’s sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution. Impact: Local attackers could exploit this issue to run arbitrary commands with root privileges. This issue is fixed in sudo 1.8.20p2. NOTE: This...

Read more

Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability

Description:   The REST Plugin is using a XStreamHandler with an instance of XStream for deserialization without any type filtering and this can lead to Remote Code Execution when deserializing XML payloads. Impact: Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected...

Read more

Symantec Messaging Gateway CVE-2017-6326 Remote Code Execution Vulnerability

Description:   The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. Impact: Attackers can exploit this issue to execute arbitrary code on the affected...

Read more

Linux Kernel CVE-2017-1000379 Local Security Bypass Vulnerability

Description:  The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected. Impact: Attackers can exploit this issue to bypass certain security...

Read more

Linux kernel CVE-2017-12762 Local Buffer Overflow Vulnerability

Description:  In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree. Impact: Successful exploits may allow attackers to execute arbitrary...

Read more

Page 19 of 32« First...10...1718192021...30...Last »