Vulnerabilities & Exploits
- 26 czerwca 2019Kubernetes announced the discovery of CVE-2019-11246, a high-severity vulnerability affecting the command-line interface kubectl, during an ongoing third-party security audit.
- 21 czerwca 2019Dell urges users to update the vulnerable SupportAssist tool built into its business and home machines. The privilege escalation vulnerability could allow hackers control over Dell computers running Windows, if left unpatched.
- 20 czerwca 2019Oracle published an out-of-band security alert advisory on CVE-2019-2729, a zero-day deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services.
Critical Linux and FreeBSD Vulnerabilities Found by Netflix, Including One That Induces Kernel Panic18 czerwca 2019A Netflix researcher uncovered four critical vulnerabilities — CVE-2019-11477, CVE-2019-11478, CVE-2019-5599, and CVE-2019-11479 — within the TCP implementations on Linux and FreeBSD kernels.
- 14 czerwca 2019Two hacking groups have been spotted attacking vulnerable Exim email servers, trying to exploit CVE-2019-10149. One group uses a public internet server, and another a server on the dark web.
- 31 maja 2019A security researcher, going by the handle SandboxEscaper, published an exploit code for a zero-day vulnerability in Windows' Task Scheduler utility. Here's what you need to know.
- 29 maja 2019Almost a million systems are reportedly vulnerable to BlueKeep (CVE-2019-0708), a critical vulnerability in remote desktop services. Here are some best practices that can help defend against threats that may exploit it.
- 15 maja 2019Researchers reported new side-channel attacks — ZombieLoad, Fallout, and Rogue In-Flight Data Load (RIDL) — that can leak data being processed by vulnerable Intel processors. Here's what you need to know.
- 10 maja 2019Threat actors were found exploiting CVE-2018-1000861, a vulnerability in the Stapler web framework that is used by the Apache Jenkins open-source software development automation server with versions 2.153 and earlier.