Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security vulnerabilities. Chrome version 131 is now available in stable channels for Windows, Mac, Linux, and Android...
CloudLinux’s security platform for Linux-based websites and web servers contains a high-severity PHP deserialization bug, leaving web servers vulnerable to code execution and takeover.
A critical Linux kernel bug (CVE-2021-43267) exists in a TIPC message type that allows Linux nodes to send cryptographic keys to each other, and could allow remote takeover.
The CISA recently urged developers to update Discourse versions 2.7.8 and earlier, warning of a critical remote code execution (RCE) vulnerability (CVE-2021-41163) discovered in the platform.
LibreOffice and OpenOffice have pushed updates to address a vulnerability that makes it possible for an attacker to manipulate documents to appear as signed by a trusted source. "Allowing anyone to sign macro-ridden documents themselves, and make them appear as trustworthy, is an excellent way to trick users into running malicious code."
A high-severity code injection vulnerability has been disclosed in 23andMe's Yamale, a schema and validator for YAML, that could be trivially exploited by adversaries to execute arbitrary Python code. The flaw, tracked as CVE-2021-38305 (CVSS score: 7.8), involves manipulating the schema file provided as input to the tool to circumvent protections and achieve code execution.
An Ubuntu Linux kernel security update fixes 12 security vulnerabilities affecting the Linux 5.4 LTS kernel in Ubuntu 20.04 LTS and Ubuntu 18.04 LTS systems, as well as the Linux 5.11 kernel in Ubuntu 21.04 systems on all supported architectures and platforms.
Apache OpenOffice (AOO) is currently vulnerable to a remote code execution vulnerability (CVE-2021-33035) recently discovered by security researcher Eugene Lim, and while the app's source code has been patched, the fix has only been made available as beta software and awaits an official release.
Azure users running Linux VMs may not be aware they have a severely vulnerable piece of management software installed on their machine by Microsoft, which can be remotely exploited in an incredibly surprising and equally stupid way. "This is a textbook RCE vulnerability that you would expect to see in the 90's -- it's highly unusual to have one crop up in 2021 that can expose millions of endpoints," Wiz security researcher Nir Ohfeld wrote.
Canonical has published Linux kernel updates for all of its supported Ubuntu releases to address several security vulnerabilities discovered in the upstream Linux kernels that could lead to privilege escalation attacks, the execution of arbitrary code, the exposure of sensitive information and system crashes. Update now!
Recently discovered flaws impacting Linux and Windows users alike could give attackers the highest system privileges. Remediations have been released for a security shortcoming affecting all Linux kernel versions from 2014 that can be exploited by malicious users and malware already deployed on a system to gain root-level privileges.
Red Hat has used RPM for software package distribution for decades, but thanks to CloudLinux developer Dmitry Antipov we now know that RPM contained a nasty hidden security bug since Day One. A repair patch for this major security hole has been submitted, but Antipov fears that it may be months before the fix is released.
Cybersecurity researchers have disclosed a critical unpatched vulnerability affecting Pling-based free and open-source software (FOSS) marketplaces for the Linux platform that could be potentially abused to stage supply-chain attacks and achieve remote code execution (RCE). This discovery highlights the fact that developers of such applications must put in a high level of scrutiny to ensure their security.
RHEL (Red Hat Enterprise Linux) and CentOS Linux 7 users have received a new Linux kernel security update fixing several vulnerabilities affecting the Intel graphics drivers.
A seven-year-old Linux local privilege escalation bug has reared its head and finally gotten a fix. When it was available, exploiting the vulnerability in the polkit authentication service could have allowed attackers to get a root shell on several actively-used Linux distros including RHEL 8, Fedora 21 or later and Ubuntu 20.04. Patch now!
Unprivileged attackers can get a root shell by exploiting an authentication bypass vulnerability in the polkit auth system service installed by default on many modern Linux distributions. This polkit local privilege escalation bug (tracked as CVE-2021-3560) was publicly disclosed, and a fix was released on June 3, 2021.