The CERT Coordination Center (CERT/CC) has released a security advisory for multiple “SACK Panic” vulnerabilities that impact Linux kernels. In addition, a related flaw also impacts FreeBSD.
The Apache Software Foundation has released new Apache Tomcat security updates to address an HTTP/2 Denial of Service (DoS) vulnerability.
Oracle has released a patch for a critical vulnerability CVE-2019-2729 in Oracle WebLogic Server, exploited in the wild. The company also warns bad actors can remotely exploit the flaw without a username and password.
Mozilla has released a security update that fixes a critical vulnerability in Firefox 67.0.3 and Firefox ESR 60.7.1.
Samba has released fixes for two security vulnerabilities that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
The Department of Homeland Security (DHS) just issued a new warning on the “wormable” BlueKeep threat and vulnerability. DHS says attackers can exploit unpatched systems to perform remote code execution.
Google has released a new security update for Chrome 75.0.3770.90 for Windows, Mac and Linux.
Intel has released security and firmware updates that fix vulnerabilities in multiple Intel products.
Microsoft issued the June 2019 Security Updates that include 88 unique vulnerability fixes, 21 rated critical. Additional guidance was also published to mitigate Adobe vulnerabilities.
Researchers at Qualys discovered a critical remote command execution vulnerability in Exim, a popular mail transfer agent (MTA) used on mostly Unix-like operating systems.