Unpatched Bugs in Oracle iPlanet Opens Door to Info-Disclosure, Injection
CVE-2020-9315 and CVE-2020-9314 in iPlanet version 7 will not receive patches.
Source: Threat Post – Web Security – Unpatched Bugs in Oracle
[...]
disclosure
The Long Path out of the Vulnerability Disclosure Dark Ages
Letting a company know about flaws in their products has gotten easier sine 2003—but not by much.
Source: Wired – The Long
[...]
Bugtraq: Local information disclosure in OpenSMTPD (CVE-2020-8793)
Local information disclosure in OpenSMTPD (CVE-2020-8793)
Source: Security Focus – Bugtraq: Local information disclosure in OpenSMTPD (CVE-2020-8793)
[...]
Bugtraq: CVE-2020-0728: Windows Modules Installer Service Information Disclosure Vulnerability
CVE-2020-0728: Windows Modules Installer Service Information Disclosure Vulnerability
Source: Security Focus – Bugtraq: CVE-2020-0728: Windows Modules Installer Service Information Disclosure Vulnerability
[...]
Google's Project Zero Policy Change Mandates 90-Day Disclosure
The updated disclosure policy aims to achieve more thorough and improved patch development, Google reports.
Source: Dark Reading – Threat Intelligence –
[...]
Disclosure Does Little to Dissuade Cyber Spies
In the past, outing nation-state cyber espionage groups caused a few to close up shop, but nowadays actors are more likely to switch
[...]
Security Pros Value Disclosure … Sometimes
Security professionals will coordinate disclosure with researchers but may keep their self-discovered vulnerabilities secret, a new study shows.
Source: Dark Reading –
[...]
Vuln: Jenkins Credentials Binding Plugin CVE-2019-1010241 Information Disclosure Vulnerability
Jenkins Credentials Binding Plugin CVE-2019-1010241 Information Disclosure Vulnerability
Source: Security Focus – Vuln: Jenkins Credentials Binding Plugin CVE-2019-1010241 Information Disclosure Vulnerability
[...]
Vuln: Ansible CVE-2019-10206 Remote Information Disclosure Vulnerability
Ansible CVE-2019-10206 Remote Information Disclosure Vulnerability
Source: Security Focus – Vuln: Ansible CVE-2019-10206 Remote Information Disclosure Vulnerability
[...]
Vuln: FortiOS IPS engine CVE-2019-5592 Man in the Middle Information Disclosure Vulnerability
FortiOS IPS engine CVE-2019-5592 Man in the Middle Information Disclosure Vulnerability
Source: Security Focus – Vuln: FortiOS IPS engine CVE-2019-5592 Man in
[...]