Ripple20: Multiple Zero Day Vulnerabilities in Treck TCP/IP stack

Treck IP stack implementations for embedded systems are affected by multiple zero-day vulnerabilities. A total of 19 vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc. have been discovered by the JSOF research lab, which calls them Ripple20. Treck TCP/IP Stack: The Treck IP network stack is designed for and used in a variety of embedded systems. The software is often licensed and integrated …

PHPUnit Remote Command Execution Vulnerability

Summary: PHPUnit is a widely used testing framework for PHP. A remote code execution vulnerability was discovered in Util/PHP/eval-stdin.php that allows remote attackers to execute arbitrary PHP code. This issue was assigned CVE-2017-9841. Affected Versions: PHPUnit versions from 4.8.19 before 4.8.28 and from 5.0.10 before 5.6.3. Description: CVE-2017-9841 is a code execution vulnerability in …