Home Tags Header

Tag: Header

VU#834067: Apache Struts 2 is vulnerable to remote code execution

Vulnerability Note VU#834067 Apache Struts 2 is vulnerable to remote code execution Original Release date: 14 Mar 2017 | Last revised: 14 Mar 2017

Now’s the time to get caught up on Windows and Office...

There were almost no patches from Microsoft in February, and the ones that were released haven’t caused any problems.So it makes a lot of...

Google reports “high-severity” bug in Edge/IE, no patch available

Enlarge (credit: Ccetsnakebite) A member of Google's Project Zero security research team has disclosed a high-severity vulnerability in Microsoft's Edge and Internet Explorer...

KopiLuwak: A New JavaScript Payload from Turla

On 28 January 2017, John Lambert of Microsoft (@JohnLaTwC) tweeted about a malicious document that dropped a “very interesting .JS backdoor“.Since the end of...

AVG AntiVirus Free (2017)

Everybody needs antivirus protection. Everybody! And I don't mean the antivirus built into Windows—it just doesn't measure up. Fortunately, you can get that protection...

WordPress plugs eight holes in latest release

Cross-site scripting, request forgery, and more! WordPress has patched a series of vulnerabilities in its content management system shuttering bugs affecting more than 10 million...

WordPress 4.7.1 Fixes CSRF, XSS, PHPMailer Vulnerabilities

WordPress developers are encouraging users of the content management system to apply a new update, pushed this week, to resolve eight security issues, including...

JSA10770 – 2017-01 Security Bulletin: Junos Space: Multiple vulnerabilities resolved in...

CVE CVSS base score Summary CVE-2016-1762 9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) The xmlNextChar function in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML...

JSA10774 – 2017-01 Security Bulletin: Network and Security Manager (NSM): Multiple...

CVE CVSS base score Summary CVE-2015-5600 6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within...

Sneaky chat app Signal deploys decoy domains to deny despots

Reasonably secure messenger has, for now, outwitted those who would block it The latest update of Signal, one of the most well-regarded privacy-focused messaging applications...