Skip to content

Home Early Warning System Advisories
Advisory
Drupal Patched Several Vulnerabilities in Third-Party Libraries
Monday, 22 April 2019 09:00

Drupal has release security updates to address multiple "moderately critical" vulnerabilities in Drupal Core that could allow a remote attacker to perform cross-site scripting, remote code execution, and authentication bypass attacks. It is advised to update to Drupal 8.6.15, 8.5.15, or 7.66.

 
Linux Security Update Overview (April 17, 2019)
Wednesday, 17 April 2019 10:00

The following Linux distributions have released security updates to fix vulnerabilities:
Debian: Security updates for ghostscript, libssh2, wpa, and spip.
Gentoo: Security updates for phpMyAdmin, libTIFF, GnuTLS, Git, ClamAV, and Portage.
Ubuntu: Security updates for Firefox, OpenJDK 11, WebKitGTK+, Libxslt, rssh, Ruby, wpa_supplicant, and Apache.
Arch Linux: Security updates for flashplugin, jenkins, beep, and ghostscript.
Redhat: Security updates for rh-python36-python, httpd24-httpd, httpd24-mod_auth_mellon, and Istio-Proxy.
OpenSUSE: Security updates for nodejs10, dovecot23, apache2, clamav, SDL, openwsman, and gnuplot.

 
Apache Tomcat Patches Remote Code Execution Vulnerability
Tuesday, 16 April 2019 09:00

A remote code execution vulnerability was discovered in Apache Tomcat. When running on Windows with enableCmdLineArguments enabled, the CGI Servlet is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows (The CGI Servlet is disabled by default and its option enableCmdLineArguments is disabled by default in Tomcat 9.0.x.). It is advised to set the CGI Servlet initialisation parameter enableCmdLineArguments to false to upgrade Apache Tomcat to the unaffected version.

 
Linux Security Update Overview (April 10, 2019)
Wednesday, 10 April 2019 12:00

The following Linux distributions have released security updates to fix vulnerabilities:
Gentoo: Security updates for Mailman and Xen.
Ubuntu: Security updates for Wget, OpenJDK 7, systemd, Lua, ClamAV, Samba, and Apache HTTP Server.
Arch Linux: Security updates for thunderbird, apache, and gnutls.
OpenSUSE: Security updates for ldb, ntp, znc, liblouis, sqlite3, tiff, go1.11, Mozilla Thunderbird, sysstat, nodejs6, openssl, ovmf, and bash.

 
Microsoft Security Updates (April 2019)
Wednesday, 10 April 2019 10:00

Microsoft has released security updates for Adobe Flash Player, Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office and Microsoft Office Services and Web Apps, ChakraCore, ASP.NET, Microsoft Exchange Server, Team Foundation Server, Azure DevOps Server, Open Enclave SDK, and Windows Admin Center. These updates resolve over 70 vulnerabilities, two of the vulnerabilities being exploited in the wild. Users are advised to update as soon as possible.

 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 10 of 382
[YOUR IP: 3.233.215.231: 53078] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...