  • December 20, 2021

    Linux Vulnerabilities of the Week: December 20, 2021 1. Apache Log4j logging library vulnerability Severity: Critical CVSS Score: 10.0 This is a flaw in Apache Log4j that allows an attacker who can control log messages or log message parameters to execute...

  • December 15, 2021

    December Patch Tuesday 2021 Fixes 67 Vulnerabilities December Patch Tuesday Arrives with 67 Fixes There are 7 Critical (one more than last month) and 60 Important fixes in this release. Updates were included for Microsoft Windows and Windows Components, ASP.NET Core...

  • December 6, 2021

    Linux Vulnerabilities of the Week: December 6, 2021 1. CSRF token bypass in Mailman (<2.1.38) Severity: Important CVSS Score: 8.8 A Cross-Site Request Forgery (CSRF) attack can be performed in GNU Mailman due to a CSRF token bypass. CSRF tokens...

  • December 1, 2021

    Linux Vulnerabilities of the Week: November 30, 2021 1. A heap buffer overflow in Redis (>2.6) Severity: Important CVSS Score: 8.8 Redis is an open-source, in-memory database that persists on disk. In affected versions, specially crafted Lua scripts executing in...

  • November 23, 2021

    Linux Vulnerabilities of the Week: November 22, 2021 1. Out-of-bounds write to memory in FreeRDP Severity: Important CVSS Score: 8.8 This is a flaw in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP), released under the Apache...

  • November 16, 2021

    Linux Vulnerabilities of the Week: November 15, 2021 1. Possible trojan source attacks in the Unicode Specification (through 14.0) Severity: Critical CVSS Score: 9.8 This is a flaw in the way Unicode standards are implemented in the context of development...

  • November 8, 2021

    Top Linux Vulnerabilities for November 2021 1. Buffer overflow in Golang (<1.16.9) Severity: Critical CVSS Score: 9.8 This is a validation flaw in Golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments can cause...

  • November 2, 2021

    Linux Vulnerabilities of the Week: November 1, 2021 1. Unsafe deserialization of Xalan xsltc.trax.TemplatesImpl in XStream Severity: Important CVSS Score: 8.8 XStream is a simple library, used to serialize objects to XML and back again. This is a flaw in...

  • October 25, 2021

    Linux Vulnerabilities of the Week: October 25, 2021 1. Buffer overflow in Golang (<1.16.9) Severity: Critical CVSS Score: 9.8 This is a validation flaw in Golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments...

  • October 18, 2021

    Linux Vulnerabilities of the Week: October 18, 2021 1. Apache HTTP server vulnerability Severity: Critical CVSS Score: 9.8 This is a path traversal and remote code execution flaw in Apache HTTP Server 2.4.49 and 2.4.50, which a remote attacker could...