SaltStack Salt is a very popular open-source remote task and configuration management framework widely used in data centers and cloud environments. Two critical security flaws have been discovered in Salt that can allow an attacker to execute arbitrary commands as root. These vulnerabilities are identified as CVE-2020-11651 and CVE-2020-11652, and are of two different classes […]

OpenBSD is a free and open-source Unix-like operating system based on the Berkeley Software Distribution (BSD). It is widely regarded as one of the most secure operating systems available due to many of its security features. Security researchers at Qualys Research Labs have discovered four high-severity security vulnerabilities in OpenBSD, which include one authentication bypass […]

iTerm2 is one of the most popular macOS terminal emulators and is a default choice for developers and administrators due to its extensive features such as window transparency, full-screen mode, notifications, and integration with tmux. A critical remote code execution vulnerability has been discovered in iTerm2 by Radically Open Security, as part of an independent security […]

A critical remote code execution (RCE) vulnerability affecting vBulletin, a widely used internet forum software package, has been publicly disclosed. The vulnerability is identified as CVE-2019-16759 and allows an attacker to execute any command on the website, such as uploading malware, uploading shells or tampering with the website’s code. This vulnerability is believed to be […]

Squid is an open-source web caching and Internet proxy application that is widely used for speeding up web servers and aiding in their security. A heap buffer overflow vulnerability has been discovered in some versions of the Squid web proxy cache server. This vulnerability is tracked as CVE-2019-12527 and could be exploited by attackers to […]

ProFTPD is an open-source, cross-platform FTP server and is one of the most popular FTP servers used in Unix-like environments. It comes pre-installed with many Linux and Unix distributions and is used by a number of popular businesses and websites including SourceForge, Samba and Slackware. An improper access control vulnerability has been discovered in ProFTPD, […]
