Skip to content

Home Early Warning System Advisories
Advisory
RDP Clients Multiple Vulnerabilities
Thursday, 07 February 2019 21:00

Multiple vulnerabilities and issues were discovered in FreeRDP, rdesktop, and Windows built-in RDP.
FreeRDP has been found vulnerable to 6 vulnerabilities, 5 of which are major memory corruption issues that could even result in remote code execution on the client's computer.
rdesktop has been found vulnerable to 19 vulnerabilities, 11 of which could allow a malicious RDP server to execute arbitrary code on the client's computer.
Security researchers also discovered some issue in Windows built-in RDP, but Microsoft decided not to address the issues.
Users are advised to apply available update as soon as possible.

 
Linux Security Update Overview (February 6, 2019)
Wednesday, 06 February 2019 12:00

The following Linux distributions have released security updates to fix vulnerabilities:
Debian: Security updates for curl, dovecot, libgd2, libvncserver, rssh, libreoffice, golang-1.8, and golang-1.7.
SUSE: Security updates for MozillaFirefox, rmt-server, curl, lua53, python3, spice, Linux Kernel, haproxy, uriparser, and java-11-openjdk.
Ubuntu: Security updates for LibreOffice, curl, Dovecot and Linux kernel.
Oracle Linux: Security updates for Unbreakable Enterprise kernel, thunderbird, spice, and polkit.
Red Hat: Security updates for rh-haproxy18-haproxy, systemd, and thunderbird.

 
Linux Security Update Overview (January 30, 2019)
Wednesday, 30 January 2019 09:00

The following Linux distributions have released security updates to fix vulnerabilities:
Debian: Security updates for qtbase-opensource-src, coturn, and ghostscript.
SUSE: Security updates for avahi, krb5, and python-paramiko.
Oracle Linux: Security updates for qemu.
Ubuntu: Security updates for Linux kernel and Spice.
Archlinux: Security updates for subversion.

 
phpMyAdmin Releases Version 4.8.5 to Fix SQL Injection and Arbitrary File Read Vulnerabilities
Tuesday, 29 January 2019 11:00

Two vulnerabilities were reported in phpMyAdmin version prior to 4.8.5. A specially crafted username can be used to trigger an SQL injection attack. An attacker may be able to read any file or exploit the vulnerability to delete arbitrary files on the server. Users are advised to upgrade phpMyAdmin to version 4.8.5 or apply available patches.

 
Cisco Security Advisories
Thursday, 24 January 2019 17:00

Cisco has released one(1) Critical, eleven(11) High, and ten(10) Medium new security advisories to address vulnerabilities in multiple Cisco products. It is advised to update.
(Critical)A vulnerability in the vContainer of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and execute arbitrary code as the root user.

 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 8 of 374
[YOUR IP: 3.84.182.112: 50304] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...