Persistent Cross-Site Scripting in All in One SEO Pack #WordPress Plugin
Critical: #glibc remote code execution possible
A stored Cross-Site Scripting #vulnerability was found in the Bot Blocker functionality of the All in One SEO Pack #WordPress Plugin (1+ million active installs). This issue allows an attacker to perform a wide variety of actions, such as stealing Administrators’ session tokens, or performing arbitrary actions on their behalf. More info: http://s.ibscc.net/zZM5r
#Secure your data in the #cloud!
Investigations showed that the issue affected all the versions of #glibc since 2.9. You should definitely update if you are on an older version though. If the #vulnerability is detected, machine owners may wish to take steps to mitigate the risk of an attack. The glibc #DNS client side resolver is vulnerable to a stack-based […]
#OpenSSL #Security #Patch available
Are you ready to #secure your data in the #cloud? Create your #Boxcryptor account today and #encrypt your cloud storage for free! Use https://www.boxcryptor.com/app/referral/?code=3YmVhrfDKOFqfP94 to register for free.
#0-day local privilege escalation #vulnerability in the #Linux kernel
#OpenSSL #Security #Patch available Severity: High Historically OpenSSL usually only ever generated DH parameters based on “safe” primes. More recently (in version 1.0.2) support was provided for generating X9.42 style parameter files such as those required for RFC 5114 support. The primes used in such files may not be “safe”. Where an application is using […]
#0-day local privilege escalation #vulnerability in the #Linux kernel The Perception Point Research team has identified a #0-day local privilege escalation #vulnerability in the #Linux kernel. The vulnerability has existed since 2012 and has implications for approximately tens of millions of #Linux PCs and servers, and 66 percent of all #Android devices (phones/tablets). More information: […]