სისუსტეები
Drupal team announced a security advisory for a vulnerability
(CVE-2018-7600) reported by Jasper Mattsson and rated as Highly Critical
with a score of 21/25 based on the NIST Common Misuse Scoring System. A
remote code execution vulnerability exists within multiple subsystems
of Drupal 7.x and 8.x. This potentially allows attackers to exploit
multiple attack vectors on a Drupal site. Successful exploitation could
lead to a potential compromise of the web application and possibly the
underlying operating system as well.
25 აპრილი, 2018
On February 05, 2018, Devcore Security Consulting discovered a buffer
overflow vulnerability in the base64 decode function of Exim message
transfer agent. On March 06, 2018, Exim released a security advisory
about the issue, confirming potential remote code execution that could
be triggered by sending a handcrafted message. The issue has been fixed
in version 4.90.1 of Exim and no alternative mitigation is known.
25 აპრილი, 2018
On January 31, 2018, KrCERT/CC released a security alert regarding a
vulnerability in Adobe Flash Player. Regarding this issue, Adobe Systems
has also released a security advisory about the vulnerability
(CVE-2018-4878). According to Adobe, the vulnerability is being
exploited in the wild. As of February 6th, 2017 a patch from Adobe is
available.
25 აპრილი, 2018