Skip to content

Gotham Security Daily Threat Alerts

by on July 18, 2014

July 16, Securityweek – (International) Oracle patches 13 vulnerabilities, including 20 in Java. Oracle released its Critical Patch Update for July, which includes patches for 113 security vulnerabilities in various Oracle products, including 20 vulnerabilities in Java SE. The 20 vulnerabilities in Java can all be remotely exploited without authentication and users were advised to apply the updates as soon as possible. Source: http://www.securityweek.com/oracle-patches-113-vulnerabilities-including-20-java

July 16, Softpedia – (International) vBulletin exploitable through SQL injection. Members of the Romanian Security Team group identified and reported an SQL injection vulnerability in vBulletin which could be used by attackers to gain access to a forum’s administration panel and databases. The group reported the vulnerability to the developers of vBulletin and stated that they would disclose the full details of the issue once a fix is released. Source: http://news.softpedia.com/news/vBulletin-Exploitable-Through-SQL-Injection-450894.shtml

July 16, Securityweek – (International) OpenBSD downplays PRNG vulnerability in LibreSSL. A researcher with Opsmate reported finding a flaw in the pseudorandom number generator (PRNG) in LibreSSL for Linux. Representatives of the OpenBSD Project confirmed that the issue exists but stated that the now-fixed problem was unlikely to be exploitable in real world conditions. Source: http://www.securityweek.com/openbsd-downplays-prng-vulnerability-libressl

 

From → Security

Comments are closed.

%d bloggers like this: