Security Advisories & Alerts

Linux Kernel CVE-2017-2636 Local Privilege Escalation Vulnerability

Description:  Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. Impact: Local attackers may exploit this issue to gain elevated privileges. Mitigation: Updates are available. Please check the respective...

Read more

Apache Struts 2 Vulnerability Leads to Remote Code Execution (CVE-2017-5638)

Description: The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before mishandles file upload, which allows remote attackers to execute arbitrary commands via a #cmd= string in a crafted Content-Type HTTP header, as exploited in the wild in March 2017. Impact:  This vulnerability allows for...

Read more

WordPress versions 4.7.2 and earlier are affected by six security issues

Description: Cross-site scripting (XSS) via media file metadata. Control characters can trick redirect URL validation Unintended files can be deleted by administrators using the plugin deletion functionality Cross-site scripting (XSS) via video URL in YouTube embeds. Cross-site scripting (XSS) via taxonomy term names. Cross-site request forgery (CSRF) in Press This...

Read more

Page 60 of 64« First...102030...5859606162...Last »