Two new critical vulnerabilities have been discovered affecting every processor since 1995, which allow malicious programs to steal information from other programs memory. These vulnerabilities are named as Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715). Meltdown and Spectre vulnerabilities affect all processors since 1995 including AMD, ARM, and Intel.┬áThese vulnerabilities allow an attacker to access […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod Saner Solution. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:1600754 ALAS-2017-889 CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000101 ALAS-2017-889 —- curl oval:org.secpod.oval:def:1600755 ALAS-2017-881 CVE-2017-6508 ALAS-2017-881 —- wget oval:org.secpod.oval:def:1600756 ALAS-2017-876 CVE-2017-0553 ALAS-2017-876 —- libnl3 oval:org.secpod.oval:def:1600757 ALAS-2017-880 CVE-2016-7798 ALAS-2017-880 —- ruby23 oval:org.secpod.oval:def:1600759 ALAS-2017-878 […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:41603 CVE-2017-3085 Security Bypass vulnerability in Adobe Flash Player – CVE-2017-3085 oval:org.secpod.oval:def:41604 CVE-2017-3106 Type confusion vulnerability in Adobe Flash Player – CVE-2017-3106 oval:org.secpod.oval:def:41605 APSB17-23 CVE-2017-3085 CVE-2017-3106 Multiple vulnerabilities in […]

Read More →

Privilege escalation is the method of exploiting a bug, design flaw or configuration issues in an operating system or software application to gain access to resources that are restricted to be used by other users. An independent researcher Dawid Golunski exposed a privilege escalation vulnerability (CVE-2016-5616/CVE-2016-6663) present in MySQL, MariaDB and PerconaDB databases. This issue […]

Read More →

A new massive threat is making its rounds in the security world. A tricky yet nasty piece of ransomware called Fantom. Many organizations are being infected with this ransomware. But luckily, there are definite ways to evade it and also ways to mitigate the damage without letting the troublemakers win. Fantom ransomware is a devious […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:38036 CVE-2016-5199 Heap corruption vulnerability in the FFmpeg in Google Chrome via unspecified vectors (Mac OS X) oval:org.secpod.oval:def:38037 CVE-2016-5200 Out of bounds memory access vulnerability in the V8 in […]

Read More →