Both PHP 5.6 and PHP 7.0 reached End of Life at the beginning of the year, and are no longer receiving any security patches from PHP. With cPanel & WHM Version 80 moving to the current tier, we are also encouraging users to upgrade to supported PHP versions in EasyApache 4. To help with that, we are removing PHP 5.6 and 7.0 from our default EasyApache profiles. This change only impacts servers running our default …
Archive for May 14th, 2019
It was discovered that the Lemonldap::NG web SSO system performed insufficient validation of session tokens if the “tokenUseGlobalStorage” option is enabled, which could grant users with access to the main session database access to an anonymous session.
It was discovered that incomplete validation in a Phar processing library embedded in Drupal, a fully-featured content management framework, could result in information disclosure.
Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures (buffers). This flaw could allow an attacker controlling an unprivileged process to
An update for rhvm-setup-plugins is now available for Red Hat Virtualization 4.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for rhvm-setup-plugins is now available for Red Hat Virtualization 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for rhvm-appliance is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
On May 14, fixes for CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091 were released into the Ubuntu Xenial and Bionic kernels. These CVEs are security vulnerabilities caused by flaws in the design of speculative execution hardware in the computer’s CPU. Researchers discovered that memory contents previously stored in [More…]
Netcraft recently discovered that French jewellery retailer Cleor—which operates 136 boutiques across France—was infected with a malicious JavaScript skimmer. The injected code sent the fraudster a copy of the credit card details entered by unsuspecting Cleor customers during the legitimate checkout process. Shopping Site Skimmers: This attack has many of the hallmarks of JavaScript skimming […]
Isaac Boukris and Andrew Bartlett discovered that the S4U2Self Kerberos extension used in Samba’s Active Directory support was susceptible to man-in-the-middle attacks caused by incomplete checksum validation.