The CERT Coordination Center (CERT/CC) has released a security advisory for multiple “SACK Panic” vulnerabilities that impact Linux kernels. In addition, a related flaw also impacts FreeBSD.
The Apache Software Foundation has released new Apache Tomcat security updates to address an HTTP/2 Denial of Service (DoS) vulnerability.
Oracle has released a patch for a critical vulnerability CVE-2019-2729 in Oracle WebLogic Server, exploited in the wild. The company also warns bad actors can remotely exploit the flaw without a username and password.
Mozilla has released a security update that fixes a critical vulnerability in Firefox 67.0.3 and Firefox ESR 60.7.1.
Samba has released fixes for two security vulnerabilities that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
The Department of Homeland Security (DHS) just issued a new warning on the “wormable” BlueKeep threat and vulnerability. DHS says attackers can exploit unpatched systems to perform remote code execution.
Yubico has issued a recall of certain models of its YubiKey FIPS series devices after the company discovered security issues.
Google has released a new security update for Chrome 75.0.3770.90 for Windows, Mac and Linux.
Intel has released security and firmware updates that fix vulnerabilities in multiple Intel products.
Microsoft issued the June 2019 Security Updates that include 88 unique vulnerability fixes, 21 rated critical. Additional guidance was also published to mitigate Adobe vulnerabilities.