This November, Microsoft released monthly security patches covering total 63 vulnerabilities, with 12 of them rated critical, 47 are rated Important, one is rated Moderate and three are Low in Severity. These vulnerabilities impact Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office, and Microsoft Office Services and Web Apps, ChakraCore, .NET Core, Skype for Business, […]

Read More →

A critical remote code execution vulnerability affecting popular web application framework Apache Struts has been discovered. The vulnerability is in the core of the application and exists due to insufficient validation of user-provided untrusted inputs under certain configurations. This vulnerability is identified by CVE-2018-11776. This Remote Code Execution vulnerability poses a huge risk as the […]

Read More →

  Today Microsoft released regular monthly patches, fixing a total of 50 vulnerabilities. Among these Microsoft rated 11 as Critical and rest 39 as Important. These vulnerabilities impact Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Exchange Server, ASP.NET Core, .NET Core, PowerShell Core, ChakraCore, Microsoft Office, and Microsoft Office Services and Web Apps. This month […]

Read More →

  Five hours! Five hours! That’s how long it took for hackers to exploit Drupal vulnerability (CVE-2018-7602) after the patches were released. This time, instead of releasing the patches straight away, Drupal dropped a PSA(Public Service Announcement) approximately two days before releasing the updates to get the website owners and developers ready to patch out […]

Read More →

  Oracle WebLogic Server is a Java EE application server currently developed by Oracle Corporation. A configured instance to host applications and resources. Oracle in October 2017 published a critical arbitrary code execution vulnerability concerning Oracle WebLogic and assigned cve CVE-2017-10271. The critical Java deserialization vulnerability in WebLogic’s ‘WLS Security’ subcomponent was the result of […]

Read More →

  More than a million active websites use Drupal, making it the second most used content management system worldwide after WordPress. On March 28, 2018, Drupal released security patches for versions 6 to 8 suggesting to update immediately and marking the underlying vulnerability (CVE-2018-7600) as critical with remote code execution. The scanning and attacks on […]

Read More →