Plesk 12 Security Updates Issued

An update for Magento was just released to address a critical security vulnerability and it is recommended that you update as soon as possible. Official Link: http://bit.ly/1flmoA8 Source: hostingseclist.com

Newsletter, a free WordPress plugin with more than 300,000 installations, was found to contain multiple vulnerabilities that could eventually lead to the takeover of an affected website. The bugs were discovered by the Wordfence team who notified the developer of the plugin.

An update for cPanel was just released to address various security vulnerabilities. These updates provide targeted changes to address security concerns with cPanel and WHM. We recommend that you update as soon as possible.

According to a Google Security Researcher who was able to defeat all of the current patches and make the vulnerability easier to exploit, they are now recommending the following unofficial patch until it is pushed upstream: http://www.openwall.com/lists/oss-security/2014/09/25/13 Further Information: “http://www.itnews.com.au/News/396256,further-flaws-render-shellshock-patch-ineffective.aspx source: hostingseclist

An update for Xen was just released to address two major security vulnerabilities and it is recommended that you update as soon as possible.

  Multiple vulnerabilities for the Drupal CMS have been discovered. Drupal have released versions 8.3.4 and 7.56 which contain fixes for these security vulnerabilities. We recommend that you update Drupal as soon as possible.

A remote code execution vulnerability has been reported in Exim, with immediate public disclosure (we were given no private notice). A tentative patch exists but has not yet been confirmed. Exim is a widely used mail transfer agent used on Unix-like operating systems.

WordPress 4.2.3 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv2 scores ranging from…

VMware has fixed a critical flaw in its vCenter Server that could be exploited to execute code remotely. The vulnerability affects vCenter versions 6.5 and 6.0. Users are urged to upgrade to versions 6.5c or 6.0U3b. US-CERT warned about the vulnerability, stressing exploitation could result in an attacker taking…

Joomla! 3.7.1 is now available. This is a security release for the 3.x series of Joomla! which addresses one critical security vulnerability and several bug fixes. The security issue was found to be the result of inadequate filtering of requested data that lead to a SQL Injection vulnerability. We…

Over the past two years, processors, in particular processors made by Intel, have been targeted by an unending series of attacks that have made it possible for skilled attackers to intercept passwords, encryption keys, and other secrets out of data stored in resident memory.

Researchers have discovered authorization bypass bugs in three WordPress plugins, making a total of 400,000 WordPress websites vulnerable to cyber attacks. The affected plugins are InfiniteWP, WP Time Capsule and the WP Database Reset plugin.

Researchers have found a serious bug in the WP Live Chat Support plugin. This is the second time in six weeks that a vulnerability has been found in the plugin which is being used on thousands of WordPress websites. The latest bug allows hackers to inject their own code…

Product Description: MariaDB Server is one of the most popular database servers in the world. It is developed by the original creators of the ubiquitous MySQL server and it is guaranteed by the developers to remain open source software. Notable users of MariaDB include Wikipedia, WordPress.com and Google. MariaDB…