**Horde_Form 2.0.20** * [mjr] SECURITY: Prevent ability to specify temporary filename (CVE-2020-8866, Reported By: Andrea Cardaci working with Trend Micro Zero Day Initiative).
The following vulnerability has been discovered in the webkit2gtk web engine: CVE-2020-10018
Open Liberty 20.0.0.3 Runtime is now available from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
The post WordPress Toolkit 4.6 is Now Available appeared first on Plesk.
This update fixes several vulnerabilities in Graphicsmagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed media files are processed.
Update to 2.9.6 bugfix release and 2 CVE fixes: CVE-2020-1737, CVE-2020-1739
https://lists.wikimedia.org/pipermail/mediawiki- announce/2019-December/000243.html
https://lists.wikimedia.org/pipermail/mediawiki- announce/2019-December/000243.html
CouchDB 3.0.0
An update for skopeo is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Red Hat OpenShift Container Platform release 4.1.38 is now available with updates to packages and images that fix several bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
Firefox could be made to crash or run programs as your login if it opened a malicious website.
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
The second release candidate for WordPress 5.4 is now available! WordPress 5.4 is currently scheduled to be released on March 31 2020, and we need your help to get there—if you haven’t tried 5.4 yet, now is the time! There are two ways to test the WordPress 5.4 release candidate: Try the WordPress Beta Tester plugin (choose the “bleeding edge […]
Joomla 3.9.16 is now available. This is a security release for the 3.x series of Joomla which addresses six security vulnerabilities and contains over 20 bug fixes and improvements.
The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the “Featured Articles” frontend menutype.
Joomla! CMS versions 1.7.0 – 3.9.15
Upgrade to version 3.9.16
The JSST at the Joomla! Security Centre.
Incorrect Access Control in the SQL fieldtype of com_fields allows access for non-superadmin users.
Joomla! CMS versions 3.7.0 – 3.9.15
Upgrade to version 3.9.16
The JSST at the Joomla! Security Centre.
Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses.
Joomla! CMS versions 3.0.0 – 3.9.15
Upgrade to version 3.9.16
The JSST at the Joomla! Security Centre.
Various actions in com_templates lack the required ACL checks, leading to various potential attack vectors.
Joomla! CMS versions 2.5.0 – 3.9.15
Upgrade to version 3.9.16
The JSST at the Joomla! Security Centre.
Inadequate handling of CSS selectors in the Protostar and Beez3 JavaScript allow XSS attacks.
Joomla! CMS versions 3.0.0 – 3.9.15
Upgrade to version 3.9.16
The JSST at the Joomla! Security Centre.
Missing token checks in the image actions of com_templates causes CSRF vulnerabilities.
Joomla! CMS versions 3.2.0 – 3.9.15
Upgrade to version 3.9.16
The JSST at the Joomla! Security Centre.
Several security issues were fixed in SQLite.
The post Hostripples Q&A: Keeping Affordable, Flexible Hosting Plans and More appeared first on Plesk.
Kobus van Schoor discovered that network-manager-ssh, a plugin to provide VPN integration for SSH in NetworkManager, is prone to a privilege escalation vulnerability. A local user with privileges to modify a connection can take advantage of this flaw to execute arbitrary
Several security issues were fixed in runc.
The post Securing Your Websites with the SSL It! Extension in Plesk Obsidian appeared first on Plesk.
In the March edition of our “People of WordPress” series, you’ll find out how Mary Job grew from a timid, curious cat into a public speaker and organizer of WordPress Meetups and WordCamps.
– update to latest development version 1.9.0b1 – added sudo_logsrvd and sudo_sendlog to files and their appropriate man pages Resolves: rhbz#1787823 – Stack based buffer overflow in when pwfeedback is enabled Resolves: rhbz#1796945 – fixes: CVE-2019-18634 – By using ! character in the shadow file instead of a password hash can access to a run as all sudoer account Resolves: rhbz#1786709 –
58 queries. 9.25 mb Memory usage. 0.800 seconds.