December 20, 2021
Linux Vulnerabilities of the Week: December 20, 2021 1. Apache Log4j logging library vulnerability Severity: Critical CVSS Score: 10.0 This is a flaw in Apache that allows an attacker who can control log messages or log message parameters to execute...
December 15, 2021
December Patch Tuesday 2021 Fixes 67 Vulnerabilities December Patch Tuesday Arrives with 67 Fixes There are 7 Critical (one more than last month) and 60 Important fixes in this release. Updates were included for Microsoft Windows and Windows Components, ASP.NET Core...
December 6, 2021
Linux Vulnerabilities of the Week: December 6, 2021 1. CSRF token bypass in Mailman (<2.1.38) Severity: Important CVSS Score: 8.8 A Cross-Site Request Forgery (CSRF) attack can be performed in GNU Mailman due to a CSRF token bypass. CSRF tokens...
December 1, 2021
Linux Vulnerabilities of the Week: November 30, 2021 1. A heap buffer overflow in Redis (>2.6) Severity: Important CVSS Score: 8.8 Redis is an open-source, in-memory database that persists on disk. In affected versions, specially crafted Lua scripts executing in...
November 23, 2021
Linux Vulnerabilities of the Week: November 22, 2021 1. Out-of-bounds write to memory in FreeRDP Severity: Important CVSS Score: 8.8 This is a flaw in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP), released under the Apache...
November 16, 2021
Linux Vulnerabilities of the Week: November 15, 2021 1. Possible trojan source attacks in the Unicode Specification (through 14.0) Severity: Critical CVSS Score: 9.8 This is a flaw in the way Unicode standards are implemented in the context of development...
November 8, 2021
Top Linux Vulnerabilities for November 2021 1. Buffer overflow in Golang (<1.16.9) Severity: Critical CVSS Score: 9.8 This is a validation flaw in Golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments can cause...
November 2, 2021
Linux Vulnerabilities of the Week: November 1, 2021 1. Unsafe deserialization of Xalan xsltc.trax.TemplatesImpl in XStream Severity: Important CVSS Score: 8.8 XStream is a simple library, used to serialize objects to XML and back again. This is a flaw in...
October 25, 2021
Linux Vulnerabilities of the Week: October 25, 2021 1. Buffer overflow in Golang (<1.16.9) Severity: Critical CVSS Score: 9.8 This is a validation flaw in Golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments...
October 18, 2021
Linux Vulnerabilities of the Week: October 18, 2021 1. Apache HTTP server vulnerability Severity: Critical CVSS Score: 9.8 This is a path traversal and remote code execution flaw in Apache HTTP Server 2.4.49 and 2.4.50, which a remote attacker could...