Joomla has released security updates to address the following vulnerabilities: a) Medium Priority – Core – LDAP Information Disclosure (affecting Joomla! 1.5.0 through 3.8.1) b) Medium Priority – Core – Two-Factor Authentication Bypass (affecting Joomla! 3.2.0 through 3.8.1) c) Low Priority – Core – Information Disclosure (affecting Joomla! 3.7.0 through 3.8.1) Further information on these […]
Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for arbitrary code execution within the context of a privileged process. Details of these vulnerabilities are as follows: a) Multiple elevation of privilege vulnerabilities in Framework – (CVE-2017-0830, CVE-2017-0831) b) Multiple arbitrary code execution vulnerabilities in Media Framework – […]
Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Information on the products affected and how they can be fixed can be found on the Cisco Website via the following links: a) Wireless LAN Controller 802.11v Basic […]
Multiple vulnerabilities have been discovered in iCloud for Windows, iOS, iTunes for Windows, macOS High Sierra, Siera, El Capitan, Safari, tvOS and watchOS, the most severe of which could allow for arbitrary code execution. Details of these vulnerabilities are as follows: – Multiple memory corruption issues were addressed with improved memory handling – (CVE-2017-7132) – […]
Multiple vulnerabilities have been discovered in OpenOffice, which could allow for arbitrary code execution. OpenOffice is an open-source productivity software suite that contains a word processor, spreadsheet application, presentation application, drawing application, formula editor, and a database management application. Details regarding these vulnerabilities are as below: a) A vulnerability in the OpenOffice Writer DOC file […]
Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. Details of these vulnerabilities are as below: Version 7.1.11 Bug #75241 (Null pointer dereference in zend_mm_alloc_small()). Bug #75236 (infinite loop when printing an error-message). Bug #75252 (Incorrect token formatting on two parse errors in one […]
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could result in arbitrary code execution. These vulnerabilities can be exploited if a user visits, or is redirected to, a specially crafted web page. Details of the vulnerabilities are as follows: a)UXSS with MHTML – (CVE-2017-5124) b)Heap overfin Skia – (CVE-2017-5125) c) […]
Oracle has released its Critical Patch Update for October 2017 to address 252 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Information on these vulnerabilities and how they can be fixed can be found on the Oracle Website at http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; […]
Multiple vulnerabilities have been discovered in Netgear products, the most severe of which could allow for arbitrary code execution. Netgear is a manufacturer of networked devices such as Network Attached Storage (NAS), routers, switches, cable and DSL modems, and video cameras. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to […]
