Description: Microsoft has released security updates to address a vulnerability in Windows 7 x64 and Windows Server 2008 R2 x64 systems. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Apply an update. This issue is addressed in the Microsoft update for CVE-2018-1038. Please see the references or vendor advisory for more information. Reference URL’s: https://www.kb.cert.org/vuls/id/277400
Description: The Apache Software Foundation has released a security update to address a vulnerability in Struts 2. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Upgrade to Struts 2.5.16. Please see the references or vendor advisory for more information. Reference URL’s: https://cwiki.apache.org/confluence/display/WW/S2-056
Description: A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: If you are running 7.x, upgrade to Drupal 7.58. If you are running...
Read More
Description: Cisco has released updates to address vulnerabilities affecting multiple products. Review the following Cisco Security Advisories and apply the necessary updates: Cisco IOS XE Software Static Credential Vulnerability Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability Cisco IOS and IOS XE Software Quality of Service Remote Code Execution Vulnerability Impact: A remote attacker could exploit some of these vulnerabilities to...
Read More
Description: Multiple vulnerabilities have been discovered in MozillaFirefox and Firefox Extended Support Release (ESR), which could allow for remote code execution. Details of the vulnerabilities are as follows: * A remote code-execution vulnerability exists because it fails to properly process Vorbis audio data. Specifically, this issue occurs due to an out-of-bounds write error in the ‘libvorbis’ library. (CVE-2018-5146) * A remote code-execution vulnerability exists because...
Read More
