Description: A vulnerability has been discovered in Adobe Flash Player, which could allow for arbitrary code execution. Adobe Flash Player is a widely distributed multimedia and application player used to enhance the user experience when visiting web pages or reading email messages. Impact: Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the user running the application. Depending on...
Read More
Description: Multiple Dell EMC Products are prone to multiple remote command-injection vulnerabilities. Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. Impact: A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system where Dell EMC Unity is installed. Mitigation: Updates are available. Please see the...
Read More
Description: Apple Swift is prone to an arbitrary code-execution vulnerability. Impact: A remote attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://support.apple.com/en-us/HT208804 https://lists.apple.com/archives/security-announce/2018/May/msg00000.html https://www.securityfocus.com/bid/104085/info https://swift.org/
Description: A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API. Impact: Upon visiting a malicious or compromised website with a vulnerable device, an attacker may be able to bypass security features provided by the web browser. Mitigation: Apply an update. Google Chrome and Mozilla Firefox have released updates which disable high precision timers...
Read More
Description: Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for arbitrary code execution within the context of a privileged process. Details of these vulnerabilities are as follows: * An information disclosure vulnerability in Android runtime. (CVE-2017-13309) * Multiple elevation of privilege vulnerabilities in Framework. (CVE-2017-13310, CVE-2017-13311) * Multiple information disclosure vulnerabilities in Kernel components. (CVE-2017-16643, CVE-2017-5754) *...
Read More
