A critical remote code execution (RCE) vulnerability affecting one of the widely used internet forum software vBulletin has been publicly disclosed. The vulnerability is identified with CVE-2019-16759 and allows an attacker to execute any command on the website like uploading malware, uploading shells or tampering with the website’s code. This vulnerability is believed to be […]

Read More →

Apple has released a set of Security Updates to address the vulnerabilities in its products. There are a total of 5 CVEs. The affected products are MacOS, Safari, tvOS, iOS and WatchOS. CVE-2019-8641 is considered critical and is classified as out-of-bounds read (CWE-125), where an attacker can read data past the end, or before the […]

Read More →

Adobe released security updates for three vulnerabilities in ColdFusion. Two vulnerabilities are rated critical for arbitrary code execution and one is rated important for information disclosure. Adobe ColdFusion is a rapid development platform used for building modern web applications. As per the advisory, the vulnerabilities are outlined as follows: CVE-2019-8072 : An information disclosure vulnerability […]

Read More →

Microsoft has released out-of-band security updates to fix a critical remote code execution vulnerability in Microsoft Internet Explorer being exploited in-the-wild and a denial of service vulnerability in Microsoft Defender. CVE-2019-1367 is a zero-day  remote code execution vulnerability that exists in the way the scripting engine in Internet Explorer handles objects in memory. This is […]

Read More →

Google has released urgent updates for 4 vulnerabilities. One of the vulnerability is rated Critical and the other three are rated High in severity. As per the Chrome advisory, the vulnerabilities are : CVE-2019-13685 : A critical Use-after-free issue in UI. CVE-2019-13688 :  A Use-after-free issue in media. CVE-2019-13687 :  A Use-after-free issue in media. […]

Read More →

  phpMyAdmin is a free tool used by millions around the world to manage MySQL and MariaDB databases over the web. Joomla, WordPress, etc are some of the popular products which use phpMyAdmin. Manuel Garcia Cardenas, a security researcher, discovered a CSRF vulnerability which can meddle with the server configurations in phpMyAdmin. An attacker can […]

Read More →