Security Vulnerabilities - Page 17

Discover Security Vulnerabilities News

PHP team fixes nasty site-owning remote execution bug

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The PHP development team has fixed a bug that could allow remote code execution in some setups of the programming language. Get the details:

Brittany Day
Oct 29, 2019

PHP RCE flaw actively exploited to pop NGINX servers

A recently patched vulnerability (CVE-2019-11043) in PHP is being actively exploited by attackers to compromise NGINX web servers, threat intelligence firm Bad Packets hasconfirmed. Learn more:

Brittany Day
Oct 28, 2019

Linux Sudo Bug Lets Non-Privileged Users To Run Commands As Root

A Linux Sudo bug which allows users to run some restricted commands as root without permission has been discovered. Learn more about this security vulnerability in an informative Techworm article:

Brittany Day
Oct 16, 2019

Hackers bypassing some types of 2FA security FBI warns

Are you aware that hackers are bypassing some types of 2FA security? Get the details:

Brittany Day
Oct 11, 2019

Zero-day published for old Joomla CMS versions

Are you a Joomla user? Details have been published online last week about a vulnerability in older versions of the Joomla content management system (CMS), a popular web-based application for building and managing websites. Learn more in a great ZDNet article:

Brittany Day
Oct 08, 2019

Exim suffers another ‘critical’ remote code execution flaw

Remember the critical remote code execution (RCE) vulnerability in the Exim email server,CVE-2019-15846,from mid-September?Barely two weeks later, and the software’s maintainers have issued an advisory for another potentially troublesome bug,identified as CVE-2019-16928, which has been given the same critical rating. Learn more in a great NakedSecurity article:

Brittany Day
Oct 02, 2019

New Critical Exim Flaw Exposes Email Servers to Remote Attacks — Patch Released

Are you an Exim user? A critical security vulnerability has been discovered and fixed in the popular open-source Exim email server software, which could allow a remote attacker to simply crash or potentially execute malicious code on targeted servers. Learn more about the vulnerability in a great The Hacker News article:

Brittany Day
Sep 30, 2019

Some Voting Machines Still Have Decade-Old Vulnerabilities

The results of the 2019 Defcon Voting Village are in—and they paint an ugly picture for voting machine security. Learn more in an interesting Wired article:

Brittany Day
Sep 26, 2019

Hackers are infecting WordPress sites via a defunct plug-in

If you’re a WordPress admin using a plug-in called Rich Reviews, you’ll want to uninstall it. Now. Learn more:

Brittany Day
Sep 26, 2019

Server-squashing zero-day published for phpMyAdmin tool

Are you a phpMyAdmin user? A researcher has just published a zero-day security bug in one of the web’s most popular database administration software packages. Learn more:

Brittany Day
Sep 20, 2019

Patch now: 1,300 Harbor cloud registries open to attack

Have you heard that a severe critical privilege escalation vulnerability has been found in Harbor open-source registry software? Learn more:

Brittany Day
Sep 19, 2019

Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions

Are you a phpMyAdmin user? A cybersecurity researcher recently published details and proof-of-concept for an unpatched zero-day vulnerability in phpMyAdmin—one of the most popular applications for managing the MySQL and MariaDB databases. Learn more:

Brittany Day
Sep 18, 2019

Google fixes Chromebook 2FA flaw in ‘built-in security key’

Are you a Chromebook user? Google has discovered a serious flaw in a Chromebook security feature which allows owners to press their device’s power button to initiate U2F two-factor authentication (2FA). Learn more:

Brittany Day
Sep 16, 2019

Google discloses vulnerability in Chrome OS 'built-in security key' feature

Are you a Chromebook user? If so, make sure you have updated to Chrome OS 75 or later to receive a fix for a vulnerability in a "built-in security key" feature. Learn more:

Brittany Day
Sep 12, 2019

Critical TLS flaw opens Exim servers to remote compromise

A ‘critical’ security vulnerability has been discovered in the Exim mail server that requires admins’ urgent attention. Learn more about the flaw and how to protect your servers:

Brittany Day
Sep 10, 2019

Millions of Exim servers vulnerable to root-granting exploit

Are you an Exim user? Have you heard that Exim has been impacted by its second major bug this summer? Learn more:

Brittany Day
Sep 07, 2019

Major Security Flaw Found in Google Chrome, Patch Must Be Installed ASAP

A security flaw in Google Chrome allows an attacker to eventually take control a vulnerable host, and Google recommends users to deploy a patch as soon as possible. All versions of the browser are affected, including Google Chrome for Linux. Learn more:

Brittany Day
Sep 02, 2019

Google warns of system-controlling Chrome bug

Are you a Google Chrome user? If so, have you heard about the system-controlling Chrome bug in Blink? Get the details:

Brittany Day
Aug 30, 2019

Red Hat Enterprise Linux 6 and CentOS 6 Receive Important Kernel Security Update

Have you heard that the Red Hat Enterprise Linux 6 and CentOS 6 GNU/Linux operating systems have received an important Linux kernel security update that addresses several critical vulnerabilities and fixes various bugs? Learn more about this update:

Brittany Day
Aug 26, 2019

The Dangers of Open-Source Vulnerabilities, and What You Can Do About It

Neglecting basic security practices exposes companies to long-standing security threats. Learn what you can do to mitigate the risk that security vulnerabilities pose to your business:

Brittany Day
Aug 19, 2019

Security Vulnerabilities - Page 17

Exim 4.98 Addresses Critical Vulnerabilities, Bolsters Email Server Security

Recent OpenSSH RCE Bug Explained: Impact & Mitigations

CVE-2024-4577: A Swiftly Weaponized Vulnerability for Ransomware Distribution