Security Advisories & Alerts

CVE-2017-6074: Linux local root exploit

New CVE-2017-6074 Linux local root exploit was published. CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an...

Read more

CVE-2017-3135: denial-of-service vulnerability in ISC BIND 9

ISC announced CVE-2017-3135, a denial-of-service vulnerability that can affect resolvers using both DNS64 and RPZ to rewrite responses for the same view. This affects all BIND 9.9 releases since 9.9.3, all BIND 9.10 releases, and all BIND 9.11 releases, including the 9.9.10b1, 9.10.5b1, and 9.11.1b1 releases. Mitigation: Upgrade to the...

Read more

Don’t click “Chrome: The ‘HoeflerText’ font wasn’t found scam”

Researchers at Proofpoint discovered an infection technique which targets only chrome users on Windows. The Chrome users are targeted with Font Wasn’t Found Social Engineering Scheme if they navigate to a compromised website through search engines. Once users runs the downloaded file dubbed as “Chrome_Font.exe”, it gets installed and infects...

Read more

Page 46 of 46« First...102030...4243444546