Security Advisories & Alerts

Squirrelmail CVE-2017-7692 Command Injection Vulnerability

Description:  SquirrelMail versions 1.4.22 and below are vulnerable to a command-line argument injection exploit that could allow arbitrary code execution if $edit_identity and $useSendmail are enabled and user has knowledge of the location and permissions on the SquirrelMail attachment directory. Impact: Successful exploit allows an attacker to inject and execute...

Read more

Linux Kernel CVE-2017-7895 Multiple Security Bypass Vulnerabilities

Description: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacks certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. Impact: Attackers can exploit these issues...

Read more

Linksys Smart Wi-Fi Vulnerabilities

Description: Cyber security researchers from IOActive said in an advisory that after reverse engineering, the router firmware they identified total of 10 security vulnerabilities, ranging from low-to-high risk issues, six of which can be exploited remotely by unauthenticated attackers. Impact: Because of these vulnerabilities, it allows unauthenticated attackers to create...

Read more

Drupal Security Issue SA-CONTRIB-2017-38

Description: The Drupal security team has discovered a critical vulnerability in a third-party module named References. Although this module is no longer maintained, it is currently used within over 120,000 installations. Impact:  The Drupal security team did not disclose the technical details about the vulnerability in order to avoid the...

Read more

Page 76 of 84« First...102030...7475767778...Last »