Description: Drupal 8.3.7 is a maintenance release which contain fixes for security vulnerabilities. Updating your existing Drupal 8 sites is strongly recommended. This release fixes security issues only; there are no new features nor non-security-related bug fixes in this release. Impact: A remote attacker could exploit one of these vulnerabilities to obtain or modify sensitive information. Mitigation: Updates are available. Please check specific vendor advisory for more...
Read More
Description: Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. Impact: An attacker who successfully exploited the vulnerability could take control...
Read More
Description: Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Acrobat, Reader, Experience Manager, and Digital Editions. Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://helpx.adobe.com/security/products/flash-player/apsb17-23.html https://helpx.adobe.com/security/products/acrobat/apsb17-24.html https://helpx.adobe.com/security/products/experience-manager/apsb17-26.html https://helpx.adobe.com/security/products/Digital-Editions/apsb17-27.html
Description: Microsoft releases security updates for August 17. This release consists of security updates for the following software: Internet Explorer Microsoft Edge Microsoft Windows Microsoft SharePoint Adobe Flash Player Microsoft SQL Server Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-us/security-guidance https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/b3d96835-f651-e711-80dd-000d3a32fc99
Description: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. Impact: An attacker can exploit this issue to cause a local denial-of-service condition. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference...
Read More
