Category Archives: Advisories

Multiple Vulnerabilities in Google Android OS Could Allow for Arbitrary Code Execution

Read Time:25 Second

Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for arbitrary code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights.

Read More

CVE-2014-8164

Read Time:7 Second

A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red Hat CloudForms 5.x.

Read More

USN-5488-2: OpenSSL vulnerability

Read Time:15 Second

USN-5488-1 fixed vulnerabilities in OpenSSL. This update provides the
corresponding updates for Ubuntu 16.04 ESM.

Original advisory details:

Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the
c_rehash script. A local attacker could possibly use this issue to execute
arbitrary commands when c_rehash is run.

Read More