DSA-5056 strongswan – security update
Zhuowei Zhang discovered a bug in the EAP authentication client code of strongSwan, an IKE/IPsec suite, that may allow to bypass the client and in...
DSA-5055 util-linux – security update
The Qualys Research Labs discovered two vulnerabilities in util-linux's libmount. These flaws allow an unprivileged user to unmount other users' filesystems that are either world-writable...
DSA-5054 chromium – security update
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. Read More
A Backdoor in WordPress AccessPress Plugins and Themes Could Allow an Attacker Access to a Targeted Website
A backdoor has been discovered in WordPress AccessPress plugins and themes, which could allow an attacker access to a targeted website. AccessPress plugins and themes...
Multiple Vulnerabilities in Cisco Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Cisco Products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe...
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser...
Drupal core – Moderately critical – Cross site scripting – SA-CORE-2022-002
Project: Drupal core Date: 2022-January-19 Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:Default Vulnerability: Cross site scripting Description: jQuery UI is a third-party library used by Drupal....
Drupal core – Moderately critical – Cross Site Scripting – SA-CORE-2022-001
Project: Drupal core Date: 2022-January-19 Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:Default Vulnerability: Cross Site Scripting Description: jQuery UI is a third-party library used by Drupal....
A Vulnerability in Zoho Desktop Central and Desktop Central MSP Could Allow for Authentication Bypass
A vulnerability has been discovered in Zoho Desktop Central and Desktop Central MSP that could allow for authentication bypass. Zoho Desktop Central and Desktop Central...
Oracle Quarterly Critical Patches Issued January 18, 2022
Multiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution Read More