Security Notices

• 2022-05-13 Autovacuum, REINDEX, and others omit security restricted operation sandbox on PostgreSQL
• 2022-04-29 ECDSA signature vulnerability on Java
• 2022-04-21 Several Vulnerabilities in the MySQL Server product
• 2022-03-31 CVE-2022-22965 RCE 0-day exploit found in Spring Framework
• 2022-03-24 ArgoCD Improper access control allows admin privilege escalation (CVE-2022-1025)
• 2022-01-26 Local privilege escalation vulnerability was found on polkit's pkexec utility (CVE-2021-4034)
• 2021-12-10 CVE-2021-44228 RCE 0-day exploit found in log4j
• 2021-10-21 Discourse: RCE via malicious SNS subscription payload
• 2021-10-06 Apache Server 2.4.49 Path traversal and file disclosure vulnerability (CVE-2021-33909 and CVE-2021-42013)
• 2021-07-22 Sequoia (CVE-2021-33909): Linux Kernel filesystem layer Vulnerability
• 2021-01-27 sudo security release: Buffer overflow in command line unescaping
• 2020-09-16 Drupal security releases
• 2020-09-15 CVE-2020-14386 Linux kernel CAP_NET_RAW vulnerability
• 2020-07-03 Apache Guacamole security release (CVE-2020-9497)
• 2020-06-22 Rails CVE-2020-8185 and Rack CVE-2020-8184 security issues
• 2020-06-18 Drupal Core Critical security issues: SA-CORE-2020-005 and SA-CORE-2020-004
• CVE-2020-13379: Grafana incorrect access control vulnerability
• 2020-06-04 GitLab security release 13.0.4, 12.10.9, 12.9.9
• 2020-05-21 CVE-2020-9484: Apache Tomcat Remote Code Execution Vulnerability
• 2020-04-21 OpenSSL segmentation fault in SSL_check_chain (CVE-2020-1967)
• 2020-02-29 Apache JServ Protocol (AJP) (CVE-2020-1938)
• 2019-11-08 WordPress WP-VCD Malware via Pirated Plugins or Themes
• 2019-05-15 MDS attacks against Intel CPUs and Zombieload vulnerability
• 2018-08-06 SegmentSmack (CVE-2018-5309): Linux Kernel TCP Vulnerability
• 2018-01-04 Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) attack
• 2017-01-04 Critical security issue in MongoDB