Security Advisories & Alerts

WPA2 Key Reinstallation Multiple Security Weaknesses

Description: WPA2 is prone to multiple security weaknesses. Impact: Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. This may aid in further attacks. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s:

Read more

Intel Manageability Engine CVE-2017-5705 Multiple Local Buffer Overflow Vulnerabilities

Description: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code. Impact: Local attackers can exploit these issues to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service...

Read more

Microsoft Office CVE-2017-11826 Memory Corruption Vulnerability

Description:  Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly handle objects in memory. Impact:...

Read more

Microsoft Office CVE-2017-11825 Remote Code Execution Vulnerability

Description: Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka “Microsoft Office Remote Code Execution Vulnerability”. Impact: An...

Read more

Windows ASLR Vulnerability !!

Description:  Windows 8 and later fail to properly randomize every application if system-wide mandatory ASLR is enabled via EMET or Windows Defender Exploit Guard. Microsoft Windows 8 introduced a change in how system-wide mandatory ASLR is implemented. This change requires system-wide bottom-up ASLR to be enabled for mandatory ASLR to...

Read more

Microsoft Releases November 2017 Security Updates

Description: Microsoft has released updates to address vulnerabilities in Microsoft software. The November security release consists of security updates for the following software: Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ASP.NET Core and .NET Core Chakra Core Impact: A remote attacker could exploit some...

Read more

Joomla! Releases Security Update

Description: Joomla! has released version 3.8.2 of its Content Management System (CMS) software to address multiple vulnerabilities. Impact: A remote attacker could exploit one of these vulnerabilities to obtain sensitive information. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s:

WordPress 4.8.3 Security Release

Description: WordPress 4.8.3 is now available. This is a security release for all previous versions and it is strongly encouraged you to update your sites immediately. WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not...

Read more

Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability

Description: The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with...

Read more

PostgreSQL CVE-2014-0062 Security Bypass Vulnerability

Description: Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting...

Read more

Page 30 of 46« First...1020...2829303132...40...Last »