Security Advisories & Alerts


Cisco Secure Access Control System Remote Code Execution Vulnerability

Description: A vulnerability in the ACS Report component of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected system. Commands executed by the attacker are processed at the targeted user’s privilege level. The vulnerability is due to insufficient validation of the Action Message Format (AMF) protocol. An attacker could exploit this vulnerability by sending a...

Read More


Cisco Wireless LAN Controller 802.11 Management Frame Denial of Service Vulnerability

Description: A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of certain 802.11 management information element frames that an affected device receives from wireless clients. An attacker could exploit...

Read More


Cisco Aironet 1800, 2800, and 3800 Series Access Points Secure Shell Privilege Escalation Vulnerability

Description: A vulnerability in the assignment and management of default user accounts for Secure Shell (SSH) access to Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running Cisco Mobility Express Software could allow an authenticated, remote attacker to gain elevated privileges on an affected access point. Impact: The vulnerability exists because the Cisco Mobility Express controller of the affected software configures the...

Read More


Drupal Releases Critical Security Updates

Description: A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core – Highly critical – Remote Code Execution – SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild. Impact: An attacker...

Read More


Apple Releases Security Updates !

Description: Apple has released security updates to address vulnerabilities in multiple products. The following is titled under this update : Safari 11.1 macOS High Sierra 10.13.4 iOS 11.3.1 Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://support.apple.com/en-us/HT208741 https://support.apple.com/en-us/HT208742 https://support.apple.com/en-us/HT208743


Cisco Releases Security Updates

Description: Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The following products are covered by the updates : Cisco WebEx Clients Remote Code Execution Vulnerability cisco-sa-20180418-wbs(link is external) Cisco UCS Director Virtual Machine Information Disclosure Vulnerability for End User Portal cisco-sa-20180418-uscd(link is external) Cisco StarOS Interface Forwarding Denial...

Read More


Drupal Releases Security Updates

Description: CKEditor, a third-party JavaScript library included in Drupal core, has fixed a cross-site scripting (XSS) vulnerability. The vulnerability stemmed from the fact that it was possible to execute XSS inside CKEditor when using the image2 plugin (which Drupal 8 core also uses). We would like to thank the CKEditor team for patching the vulnerability and coordinating the fix and release process, and matching the Drupal core security...

Read More


Oracle Critical Patch Update – April 2018

Description: A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Impact: An attacker could exploit this vulnerability to take control of an...

Read More


VMware Releases Security Updates

Description: VMware has released security updates to address a vulnerability in vRealize Automation. Impact: An attacker could exploit this vulnerability to take control of an affected system. Mitigation: Apply an update. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2018-0009.html


Adobe Releases Security Updates

Description: Adobe has released security updates to address vulnerabilities in Adobe PhoneGap Push Plugin, Adobe Digital Editions, Adobe InDesign, Adobe Experience Manager, and Adobe Flash Player. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Apply an update. Please see the references or vendor advisory for more information. Reference URL’s: https://helpx.adobe.com/security/products/phonegap/apsb18-15.html https://helpx.adobe.com/security/products/Digital-Editions/apsb18-13.html https://helpx.adobe.com/security/products/indesign/apsb18-11.html https://helpx.adobe.com/security/products/experience-manager/apsb18-10.html https://helpx.adobe.com/security/products/flash-player/apsb18-08.html


Page 45 of 66« First...102030...4344454647...5060...Last »