Alerts & Advisories

Zero Day in jQuery Plugin Impacts Thousands of Applications

Thousands of projects are possibly impacted by a jQuery File Upload plugin vulnerability that has been actively exploited in the wild, a security researcher has discovered. Tracked as CVE-2018-9206, the…

Read More
Flaw in Media Library Impacts VLC, Other Software

A serious vulnerability in the LIVE555 Streaming Media RTSP server affects popular applications, including VLC, MPlayer and others, Cisco Talos has discovered. Developed by Live Networks, Inc, LIVE555 Streaming Media…

Read More
Recent Branch.io Patch Creates New XSS Flaw

The patch for a recently disclosed cross-site scripting (XSS) vulnerability in Branch.io introduced another similar flaw, a security researcher revealed last week. California-based Branch.io provides customers with solutions that help…

Read More
TTCSIRT-175.102218: TT-CSIRT Advisory – Cisco Security Updates

Cisco has released a security update stating that it discovered a vulnerability where libssh could allow an unauthenticated, remote attacker to bypass authentication on a targeted system. The issue is…

Read More
TTCSIRT-174.102218: TT-CSIRT Advisory – Drupal Security Updates

Drupal has released a security update stating that the following vulnerabilities have been discovered in the Drupal Core Module: a) Content Moderation fails in certain circumstances to check user access…

Read More
TTCSIRT-173.101618: TT-CSIRT Advisory – PHP Security Updates

PHP has released a security update stating that the following vulnerabilities have been discovered in PHP ver 7.2.11 & 7.1.23: a) Bug #66828 – (iconv_mime_encode Q-encoding longer than it should…

Read More