Cyber Security Newsfeeds from around the world
This week, Google Paid Out $3.4 Million for Vulnerabilities Reported in 2018, Hackers Target WordPress Sites via WP Cost Estimation Plugin, Facebook paid $25,000 for CSRF exploit that leads to Account Takeover, and PoC Exploit Code for Recent Container…
Continue Reading1) Privilege escalation Description. The vulnerability allows a local attacker to escalate privileges on the system. The vulnerability exists in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c due to a provided address with acc…
Continue ReadingLinux kernel: information disclosure via BPF Pointer Arithmetic Synthesis of the vulnerability An attacker can bypass access restrictions to data via BPF Pointer Arithmetic of the Linux kernel, in order to obtain sensitive information. Vulnerable syste…
Continue ReadingLinux kernel: use after free via bc_svc_process Synthesis of the vulnerability An attacker can force the usage of a freed memory area via bc_svc_process() of the Linux kernel, in order to trigger a denial of service, and possibly to run code. Impacted …
Continue ReadingThe Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
Linux kernel: use after free via nested_get_vmcs12_pages Synthesis of the vulnerability An attacker, insi…
Continue Reading#################################################################### # Exploit Title : Joomla JWallPapers Components 2.0.1 CSRF Backdoor Access Vulnerability # Author [ Discovered By ] : KingSkrupellos # Team : Cyberizm Digital Security Army # Date : 1…
Continue ReadingRedhat Enterprise Linux Server 7 Redhat Enterprise Linux for Power, little endian 7 Redhat Enterprise Linux for Power 9 7 Redhat Enterprise Linux for IBM z Systems 7 Redhat Enterprise Linux for IBM System z (Structure A) 7 Redhat Enterprise Linux for A…
Continue Reading18 February 2019 systemd vulnerability. A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10; Ubuntu 18.04 LTS; Ubuntu 16.04 LTS Summary. systemd could be made to crash if it received specially a crafted D-Bus message. So…
Continue ReadingA runtime used to support Docker and Linux container engines suffered a vulnerability the past few days. An attack could consequently compromise the entire infrastructure. Polish researchers Adam Iwaniuk et al discovered vulnerability CVE-2019-5736. Th…
Continue ReadingLinux kernel: buffer overflow via usb_get_extra_descriptor Synthesis of the vulnerability An attacker can generate a buffer overflow via usb_get_extra_descriptor() of the Linux kernel, in order to trigger a denial of service, and possibly to run code. …
Continue Reading