A critical remote code execution vulnerability affecting popular web application framework Apache Struts has been discovered. The vulnerability is in the core of the application and exists due to insufficient validation of user-provided untrusted inputs under certain configurations. This vulnerability is identified by CVE-2018-11776. This Remote Code Execution vulnerability poses a huge risk as the […]

Read More →

  Today Microsoft released regular monthly patches, fixing a total of 50 vulnerabilities. Among these Microsoft rated 11 as Critical and rest 39 as Important. These vulnerabilities impact Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Exchange Server, ASP.NET Core, .NET Core, PowerShell Core, ChakraCore, Microsoft Office, and Microsoft Office Services and Web Apps. This month […]

Read More →

  Five hours! Five hours! That’s how long it took for hackers to exploit Drupal vulnerability (CVE-2018-7602) after the patches were released. This time, instead of releasing the patches straight away, Drupal dropped a PSA(Public Service Announcement) approximately two days before releasing the updates to get the website owners and developers ready to patch out […]

Read More →

  Oracle WebLogic Server is a Java EE application server currently developed by Oracle Corporation. A configured instance to host applications and resources. Oracle in October 2017 published a critical arbitrary code execution vulnerability concerning Oracle WebLogic and assigned cve CVE-2017-10271. The critical Java deserialization vulnerability in WebLogic’s ‘WLS Security’ subcomponent was the result of […]

Read More →

  More than a million active websites use Drupal, making it the second most used content management system worldwide after WordPress. On March 28, 2018, Drupal released security patches for versions 6 to 8 suggesting to update immediately and marking the underlying vulnerability (CVE-2018-7600) as critical with remote code execution. The scanning and attacks on […]

Read More →

Today Microsoft released regular patches fixing a total of 75 vulnerabilities. Among these Microsoft rated 14 CVEs as Critical and rest 61 as Important.¬†These vulnerabilities impact¬†Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Exchange Server, ASP.NET Core, .NET Core, PowerShell Core, ChakraCore, Microsoft Office, and Microsoft Office Services and Web Apps. This Patch Tuesday major critical […]

Read More →