Xen security updates issued

According to a Google Security Researcher who was able to defeat all of the current patches and make the vulnerability easier to exploit, they are now recommending the following unofficial patch until it is pushed upstream: http://www.openwall.com/lists/oss-security/2014/09/25/13 Further Information: “http://www.itnews.com.au/News/396256,further-flaws-render-shellshock-patch-ineffective.aspx source: hostingseclist

A serious vulnerability has been discovered in older versions of the popular Code Snippets plugin for WordPress. The flaw allowed anybody to forge a request on behalf of an administrator and inject executable code on a vulnerable site. This is a Cross-Site Request Forgery (CSRF) to Remote Code Execution…

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv2 scores ranging from…

An update for OpenSSL on RHEL was just released to help address the Poodle OpenSSL security vulnerability and it is recommended that you update as soon as possible. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade…

An update for LiteSpeed 4 & 5 was just released to address a security vulnerability within OpenSSL (CVE-2015-1793) and it is recommended that you update as soon as possible.

An update for Xen was just released to address two major security vulnerabilities and it is recommended that you update as soon as possible.

aaPanel is a free and Open source Hosting Control Panel for RHEL and Debian based systems. It is the Internationalized version for the BAOTA panel(www.bt.cn), developed in China. It allows users to manage their web server through a web-based GUI (Graphical User Interface).

An update for cPanel was just released and it is recommended that you update as soon as possible. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores ranging from…

VMware has fixed a critical flaw in its vCenter Server that could be exploited to execute code remotely. The vulnerability affects vCenter versions 6.5 and 6.0. Users are urged to upgrade to versions 6.5c or 6.0U3b. US-CERT warned about the vulnerability, stressing exploitation could result in an attacker taking…

An update for Plesk 12 (Windows) was just released to address various security vulnerabilities and it is recommended that you update as soon as possible. Official Link: http://download1.parallels.com/Plesk/PP12/12.0/release-notes/parallels-plesk-12.0-for-windows-change-log.html#12018-mu52

A vulnerability that VMware patched recently in some of its products, is currently being exploited and Russian threat actors are leveraging this vulnerability to install malware on corporate systems and access protected data, the National Security Agency (NSA) warned on Monday.

Due to an exploit discovered in our billing and support system, our system was taken offline temporarily. This was done to ensure client data safety. The exploit was patched a short time afterwards, however we have decided to keep the billing portal temporarily offline until validity of this patch…

An update for CloudLinux CageFS was just released to address a security vulnerability and it is recommended that you update as soon as possible. (This update was found by RACK911 Labs.)

 Adobe’s first round of security updates for 2019 resolve two critical flaws for Adobe Acrobat and Reader for Windows and MacOS. These updates address critical vulnerabilities, CVE-2018-16011 and CVE-2018-19725.