WordPress security experts said that 1.5M sites have been defaced following the disclosure of a silently fixed content injection vulnerability.
Tag Archives: PHP
PHPMailer, SwiftMailer Updates Resolve Critical Remote Code Execution Vulnerabilities
Critical remote code execution vulnerabilities in PHPMailer and SwiftMailer, libraries used to send emails via PHP, were patched this week.
PornHub Hack Earns Researchers $22,000
Researchers found a serious vulnerability in PHP code that could have allowed hackers to gain access to porn site’s private user data.
New Debian Releases Fix PHP, VirtualBox Bugs
The maintainers of Debian have released new versions of the operating system to fix several vulnerabilities, including a number of bugs in PHP and an unspecified flaw in Oracle’s VirtualBox application. There are new versions of the stable and oldstable releases of Debian available, which fix the security vulnerabilities. Among the patches is one for […]
New PHP Releases Fix BACKRONYM MySQL Flaw
Several new versions of PHP have been released, all of which contain a number of bug fixes, most notably a patch for the so-called BACKRONYM vulnerability in MySQL. That bug in MySQL is caused by a problem with the way that the database software handles requests for secure connections. Researchers at Duo Security disclosed the […]
Seagate Confirms NAS Zero Day, Won’t Patch Until May
Seagate confirmed a publicly disclosed vulnerability in one of its network attached storage products, but said it won’t have a patch available until May.
Seagate Business NAS Firmware Vulnerabilities Disclosed
Remote code execution vulnerabilities in Seagate Business NAS firmware were disclosed after a 100-plus day deadline passed without a fix from the vendor.
Enterprise Apps in Scope of Ghost glibc Vulnerability
Researchers at Veracode examined whether enterprise applications were also vulnerable to the Ghost vulnerability in glibc.
PHP Applications, WordPress Subject to Ghost glibc Vulnerability
Researchers at Sucuri revealed that applications such as WordPress that support PHP could also be subject to the Ghost vulnerability in glibc.
PHP 5.6.5 Released With Several Security Fixes
Several new versions of PHP have been released, fixing a number of security vulnerabilities and other bugs in the popular scripting language. PHP 5.6.5 is the newest version of the language, and it has patches for a handful of vulnerabilities, including a use-after-free flaw that could lead to remote code execution in some cases. “Sapi/cgi/cgi_main.c in […]