[R1] Nessus 10.0.0 Fixes One Vulnerability
Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables...
[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.16.0 to 5.19.1: Patch 202110.1
Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components (Apache) was found to contain vulnerabilities, and updated versions have been...
[R2] Stand-alone Security Patch Available for Tenable.sc versions 5.16.0 to 5.19.1: Patch 202109.1
Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been...
Drupal core – Moderately critical – Access Bypass – SA-CORE-2021-010
Project: Drupal core Date: 2021-September-15 Security risk: Moderately critical 12∕25 AC:Basic/A:None/CI:Some/II:None/E:Theoretical/TD:Default Vulnerability: Access Bypass CVE IDs: CVE-2020-13677 Description: Under some circumstances, the Drupal core JSON:API...
Drupal core – Moderately critical – Access bypass – SA-CORE-2021-009
Project: Drupal core Date: 2021-September-15 Security risk: Moderately critical 10∕25 AC:Basic/A:User/CI:Some/II:None/E:Theoretical/TD:Default Vulnerability: Access bypass CVE IDs: CVE-2020-13676 Description: The QuickEdit module does not properly check...
Drupal core – Moderately critical – Access bypass – SA-CORE-2021-008
Project: Drupal core Date: 2021-September-15 Security risk: Moderately critical 11∕25 AC:Basic/A:None/CI:None/II:Some/E:Theoretical/TD:Uncommon Vulnerability: Access bypass CVE IDs: CVE-2020-13675 Description: Drupal's JSON:API and REST/File modules allow file...
Drupal core – Moderately critical – Cross Site Request Forgery – SA-CORE-2021-007
Project: Drupal core Date: 2021-September-15 Security risk: Moderately critical 14∕25 AC:Complex/A:None/CI:Some/II:Some/E:Theoretical/TD:Default Vulnerability: Cross Site Request Forgery CVE IDs: CVE-2020-13674 Description: The QuickEdit module does not...
Drupal core – Moderately critical – Cross Site Request Forgery – SA-CORE-2021-006
Project: Drupal core Date: 2021-September-15 Security risk: Moderately critical 10∕25 AC:Basic/A:User/CI:None/II:Some/E:Theoretical/TD:Default Vulnerability: Cross Site Request Forgery CVE IDs: CVE-2020-13673 Description: The Drupal core Media module...
WordPress 5.8.1 Security and Maintenance Release
WordPress 5.8.1 is now available! This security and maintenance release features 60 bug fixes in addition to 3 security fixes. Because this is a security...