Linux kernel vulnerability CVE-2019-16089
Linux kernel vulnerability CVE-2019-16089 Security Advisory Security Advisory Description An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does ...
InfoZIP vulnerability CVE-2019-13232
InfoZIP vulnerability CVE-2019-13232 Security Advisory Security Advisory Description Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service ( ...
Vim/Neovim vulnerability CVE-2019-12735
Vim/Neovim vulnerability CVE-2019-12735 Security Advisory Security Advisory Description getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS ...
Ghostscript vulnerability CVE-2018-15909
Ghostscript vulnerability CVE-2018-15909 Security Advisory Security Advisory Description In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by ...
Linux kernel vulnerability CVE-2016-10906
Linux kernel vulnerability CVE-2016-10906 Security Advisory Security Advisory Description An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use- ...
Linux kernel vulnerability CVE-2018-20856
Linux kernel vulnerability CVE-2018-20856 Security Advisory Security Advisory Description An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_ ...
Linux kernel vulnerability CVE-2019-13233
Linux kernel vulnerability CVE-2019-13233 Security Advisory Security Advisory Description In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an ...
9p filesystem vulnerability CVE-2019-16413
9p filesystem vulnerability CVE-2019-16413 Security Advisory Security Advisory Description The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop ...
OpenLDAP vulnerability CVE-2019-13565
OpenLDAP vulnerability CVE-2019-13565 Security Advisory Security Advisory Description An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, ...
Linux kernel vulnerability CVE-2019-16714
Linux kernel vulnerability CVE-2019-16714 Security Advisory Security Advisory Description In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain ...
Linux kernel vulnerability CVE-2019-15538
Linux kernel vulnerability CVE-2019-15538 Security Advisory Security Advisory Description An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS ...
BIG-IP APM Edge Client logging vulnerability CVE-2019-6656
BIG-IP APM Edge Client logging vulnerability CVE-2019-6656 Security Advisory Security Advisory Description BIG-IP APM Edge Client logs the full BIG-IP APM session ID in the log files. (CVE-2019-6656)
Linux kernel vulnerability CVE-2010-5331
Linux kernel vulnerability CVE-2010-5331 Security Advisory Security Advisory Description In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an ...
ImageMagick vulnerability CVE-2019-13136
ImageMagick vulnerability CVE-2019-13136 Security Advisory Security Advisory Description ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in ...
Apache Tomcat vulnerability CVE-2019-0221
Apache Tomcat vulnerability CVE-2019-0221 Security Advisory Security Advisory Description The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes ...
Linux kernel vulnerability CVE-2017-18551
Linux kernel vulnerability CVE-2017-18551 Security Advisory Security Advisory Description An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an ...
Linux kernel vulnerability CVE-2018-20976
Linux kernel vulnerability CVE-2018-20976 Security Advisory Security Advisory Description An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, ...
Linux parse_audio_mixer_unit kernel vulnerability CVE-2019-15117
Linux parse_audio_mixer_unit kernel vulnerability CVE-2019-15117 Security Advisory Security Advisory Description parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 ...
OpenSSL vulnerability CVE-2019-1547
OpenSSL vulnerability CVE-2019-1547 Security Advisory Security Advisory Description Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code ...
OpenSSL vulnerability CVE-2019-1563
OpenSSL vulnerability CVE-2019-1563 Security Advisory Security Advisory Description In situations where an attacker receives automated notification of the success or failure of a decryption ...
Deus ex hackina: It took just 10 minutes to find data-divulging demons corrupting Pope’s Click to Pray eRosary app
Vatican coders exorcise API gremlins but, we must confess, they missed little monster.... Exclusive The technology behind the Catholic Church’s latest innovation, an electronic rosary, is so insecure, it can be trivially hacked to siphon off worshipers' personal information.…
Trojanized Russian-language Tor browser lets attacks steal from users’ e-wallets
Researchers have discovered a trojanized version of a Tor private browser that targets Russian-speaking dark web marketplace visitors and lets cybercriminals steal from their e-wallet transactions.
The developers behind the malicious browser have so far stolen at least $40,000 in...
UC Browser potentially endangers 500 million users
The popular Android browser UC Browser was found to break several Google mobile app rules possibly placing up to 500 million of its users at risk.
UC Browser, which
is available from the Google Play store, was found by Zscaler ThreatLabZ...
US stopped using floppy disks to manage nuclear weapons arsenal
US Air Force switches to secure solid-state-based solution to replace antiquated floppy disks in SACCS nuclear weapons management system.
Friday Squid Blogging: Six-Foot-Long Mass of Squid Eggs Found on Great Barrier Reef
It's likely the diamondback squid. There's a video.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Read my blog posting guidelines here.
