The following SCAP content has been released to SCAP Repo and SecPod Saner Solution. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:1502554 CVE-2019-11707 CVE-2019-11708 ELSA-2019-1604 ELSA-2019-1604 — Oracle firefox oval:org.secpod.oval:def:1502555 CVE-2019-11707 CVE-2019-11708 ELSA-2019-1603 ELSA-2019-1603 — Oracle firefox oval:org.secpod.oval:def:1801469 10314 CVE-2019-10691 [3.8] dovecot: Mishandling invalid UTF-8 characters by JSON encoder […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod Saner Solution. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:116787 FEDORA-2019-fd116d3002 FEDORA-2019-fd116d3002 — Fedora 30 thunderbird-60.7.2-2.fc30 oval:org.secpod.oval:def:116788 CVE-2019-11068 FEDORA-2019-e74d639587 FEDORA-2019-e74d639587 — Fedora 29 libxslt-1.1.33-1.fc29 oval:org.secpod.oval:def:116789 CVE-2019-11708 FEDORA-2019-53e4772bb8 FEDORA-2019-53e4772bb8 — Fedora 29 firefox-67.0.4-1.fc29 oval:org.secpod.oval:def:116790 CVE-2019-11708 FEDORA-2019-1ae01e6688 FEDORA-2019-1ae01e6688 — […]

Read More →

Privilege Escalation Vulnerabilities are a dime a dozen these days. But, what if an attacker could take control of an application which runs with the highest privileges? Then it’s an apocalypse! A flaw in an application running with administrator privileges has left millions of Dell PCs vulnerable. What is Dell SupportAssist? Dell SupportAssist is a […]

Read More →

A campaign targeting government organizations in Central Asia was discovered delivering a backdoor named HAWKBALL. This backdoor can collect information from the victim’s system and it can also deliver various payloads. It offers an attacker a range of malicious capabilities including examining the host, executing native Windows commands, terminating processes, creating, deleting files, uploading files, […]

Read More →

image credit: blogs.oracle.com Oracle has released an out-of-band security update to address a critical vulnerability in Oracle WebLogic Server. A deserialization flaw allows remote code execution and is tracked with CVE-2019-2729. This vulnerability is rated critical and is found to be exploited in-the-wild. The vulnerability exists due to a deserialization flaw in XMLDecoder in Oracle […]

Read More →

Exim, one of the most popular open source mail transfer agent (MTA) in Linux systems, is now being exploited by attackers all over the world. Currently, more than 3.5 million servers are at risk worldwide. The critical vulnerability which is already fixed by the vendor has still not been patched in most of the operating […]

Read More →