DSA-5267 pysha3 – security update
Nicky Mouha discovered a buffer overflow in sha3, a Python library for the SHA-3 hashing functions. Read More
DSA-5266 expat – security update
A heap use-after-free vulnerability after overeager destruction of a shared DTD in the XML_ExternalEntityParserCreate function in Expat, an XML parsing C library, may result in...
CVE-2021-42777 (reports)
Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C# code on any machine that renders a report,...
DSA-5263 chromium – security update
A security issue was discovered in Chromium, which could result in the execution of arbitrary code. Read More
DSA-5264 batik – security update
It was discovered that Apache Batik, a SVG library for Java, allowed attackers to run arbitrary Java code by processing a malicious SVG file. Read...
DSA-5265 tomcat9 – security update
Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. Read More
Friday Squid Blogging: Chinese Squid Fishing
China claims that it is “engaging in responsible squid fishing”: Chen Xinjun, dean of the College of Marine Sciences at Shanghai Ocean University, made the...
CVE-2021-36898
Auth. SQL Injection (SQLi) vulnerability in Quiz And Survey Master plugin <= 7.3.4 on WordPress. Read More
CVE-2021-36864
Auth. (editor+) Reflected Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress. Read More
Phishing attacks increase by over 31% in third quarter: Report
Email security and threat detection company Vade has found that phishing emails in the third quarter this year increased by more than 31% quarter on...