iTerm2 is one of the most popular macOS terminal emulator and is a default choice for developers and administrators due to its extensive features like windows transparency, full-screen mode, notifications, integration with tmux etc. A critical remote code execution vulnerability has been discovered in iTerm2 by Radically Open Security, as part of an independent security […]

Read More →

A critical remote code execution (RCE) vulnerability affecting one of the widely used internet forum software vBulletin has been publicly disclosed. The vulnerability is identified with CVE-2019-16759 and allows an attacker to execute any command on the website like uploading malware, uploading shells or tampering with the website’s code. This vulnerability is believed to be […]

Read More →

Microsoft released its Patch Tuesday security updates today, revised 80 common vulnerabilities and exposures (CVEs) in the family of Windows operating systems and other products. Out of these 17 are classified as “Critical“, 61 as “Important”, and 1 as “Moderate“. While most of the “Critical” rated vulnerabilities influence the scripting engines and browsers in an […]

Read More →

Squid is an open-source web caching and Internet proxy application which is widely used for speeding up the webserver and aiding in its security. A heap buffer overflow vulnerability has been discovered in some versions of the Squid web proxy cache servers. This vulnerability is tracked as CVE-2019-12527 and could be exploited by attackers to […]

Read More →

image credit: blogs.oracle.com Oracle has released an out-of-band security update to address a critical vulnerability in Oracle WebLogic Server. A deserialization flaw allows remote code execution and is tracked with CVE-2019-2729. This vulnerability is rated critical and is found to be exploited in-the-wild. The vulnerability exists due to a deserialization flaw in XMLDecoder in Oracle […]

Read More →

Exim, one of the most popular open source mail transfer agent (MTA) in Linux systems, is now being exploited by attackers all over the world. Currently, more than 3.5 million servers are at risk worldwide. The critical vulnerability which is already fixed by the vendor has still not been patched in most of the operating […]

Read More →