Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception.…
Ubuntu Security Notice 5089-2 – USN-5089-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA. Various other issues were also addressed.
Ubuntu Security Notice 5089-1 – The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA.
WordPress 3DPrint Lite plugin version 1.9.1.4 suffers from a remote shell upload vulnerability.
Pharmacy Point of Sale System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Ubuntu Security Notice 5088-1 – It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash, resulting in a denial of service, obtain sensitive information or execute arbitrary code. Paul Kehrer discovered that OpenSSL used in EDK II incorrectly handled certain input lengths in EVP…
Police Crime Record Management Project version 1.0 suffers from a remote SQL injection vulnerability.
Redragon Gaming Mouse suffers from a denial of service vulnerability.
WordPress Advanced Order Export For WooCommerce plugin version 3.1.7 suffers from a cross site scripting vulnerability.
Ubuntu Security Notice 5087-1 – A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.