GitHub Security Lab audited DataHub: Here’s what they found
At GitHub, we really care about open source security and love to help maintainers to secure their code. That is indeed the mission of the GitHub Security Lab. As users of open source software (OSS), w ...
March 03, 2023
PHP vulnerabilities
## Releases
* Ubuntu 16.04 ESM
## Packages
* php7.0 - HTML-embedded scripting language interpreter
It was discovered that PHP incorrectly handled certain gzip files.
An attacker could possibly use ...
March 02, 2023
Wordfence Intelligence CE Weekly WordPress Vulnerability Report (Feb 20, 2023 to Feb 26, 2023)
Wordfence has curated an industry-leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities, known as Wordfence Intelligence Community Edition.
This database ...
March 02, 2023
RHEL 7 : Red Hat Single Sign-On 7.6.2 security update on RHEL 7 (Important) (RHSA-2023:1043)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1043 advisory.
- bootstrap: Cross-site Scripting (XSS) i ...
March 02, 2023
RHEL 8 : Red Hat Single Sign-On 7.6.2 security update on RHEL 8 (Important) (RHSA-2023:1044)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1044 advisory.
- bootstrap: Cross-site Scripting (XSS) i ...
March 02, 2023
RHEL 9 : Red Hat Single Sign-On 7.6.2 security update on RHEL 9 (Important) (RHSA-2023:1045)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1045 advisory.
- bootstrap: Cross-site Scripting (XSS) i ...
March 02, 2023
Privilege Escalation
github.com/mosn/mosn is vulnerable to Privilege Escalation. The vulnerability exists due to the `prefixMatcher` function in `matcher.go` while using JWT authorization, which is case-sensitive to the p ...
March 01, 2023
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : PHP vulnerabilities (USN-5902-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5902-1 advisory.
- In PHP 8.0.X before 8.0.28, ...
March 01, 2023