Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
Monthly Archives: May 2016
CVE-2016-4561
Cross-site scripting (XSS) vulnerability in the cgierror function in CGI.pm in ikiwiki before 3.20160506 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving an error message.
Adobe Releases Security Updates
Original release date: May 10, 2016
Adobe has released security updates to address vulnerabilities in Flash Player, ColdFusion, Acrobat, and Reader. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review Adobe Security Bulletins APSA16-02, APSB16-14, and APSB16-16 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases May 2016 Security Bulletin
Original release date: May 10, 2016
Microsoft has released 16 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system.
Users and administrators are encouraged to review the following Microsoft Security Bulletins MS16-051 through MS16-067 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Patches JScript, VBScript Flaw Under Attack
Microsoft’s Patch Tuesday security bulletins include a patch for a JScript and VBScript scripting engine vulnerability being publicly exploited.
Outdated, Unpatched Software Rampant in Businesses
A Duo Labs report reveals the dangers of unpatched and outdated software used in business world.
Adobe Warns of Flash Zero Day, Patches Acrobat, Reader
Adobe pushed out 95 fixes for Acrobat, Reader, and ColdFusion on Tuesday and simultaneously warned about a zero day vulnerability in Flash it plans to patch on Thursday.
FCC To Carriers: Update Faster
Red Hat Security Advisory 2016-0996-01
Red Hat Security Advisory 2016-0996-01 – OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.
Top 4 Data Breaches reported in last 24 Hours
There is no doubt that data breaches are on the rise. Hardly a day goes without headlines about any significant data breach.
According to the latest ‘Cyber Security Breaches Survey 2016’ report published by UK government, two-thirds of the biggest firm in the UK have experienced at least a cyber attacks or data breaches within the past 12 months.
Here’s today, I am writing about top 4 data
