Zero Day in jQuery Plugin Impacts Thousands of Applications
Thousands of projects are possibly impacted by a jQuery File Upload plugin vulnerability that has been actively exploited in the wild, a security researcher has discovered. Tracked as CVE-2018-9206, the…
Read MoreFlaw in Media Library Impacts VLC, Other Software
A serious vulnerability in the LIVE555 Streaming Media RTSP server affects popular applications, including VLC, MPlayer and others, Cisco Talos has discovered. Developed by Live Networks, Inc, LIVE555 Streaming Media…
Read MoreRecent Branch.io Patch Creates New XSS Flaw
The patch for a recently disclosed cross-site scripting (XSS) vulnerability in Branch.io introduced another similar flaw, a security researcher revealed last week. California-based Branch.io provides customers with solutions that help…
Read MoreTTCSIRT-175.102218: TT-CSIRT Advisory – Cisco Security Updates
Cisco has released a security update stating that it discovered a vulnerability where libssh could allow an unauthenticated, remote attacker to bypass authentication on a targeted system. The issue is…
Read MoreTTCSIRT-174.102218: TT-CSIRT Advisory – Drupal Security Updates
Drupal has released a security update stating that the following vulnerabilities have been discovered in the Drupal Core Module: a) Content Moderation fails in certain circumstances to check user access…
Read MoreTTCSIRT-173.101618: TT-CSIRT Advisory – PHP Security Updates
PHP has released a security update stating that the following vulnerabilities have been discovered in PHP ver 7.2.11 & 7.1.23: a) Bug #66828 – (iconv_mime_encode Q-encoding longer than it should…
Read More