Database Security

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Darkreading

Advertise

LIVE EVENTS

INsecurity: A Dark Reading Conference

October 22-25, 2018 | Sheraton Grand Chicago

INsecurity is a 2-day conference for learning, skill building and networking. Whether you're an IT manager looking to flesh out an enterprise-wide security operations program, a security staffer who needs to learn best practices for incident response or endpoint protection, or a risk manager seeking ways to measure potential cyber risk and insurance, you will find critical best practices, advice, and technology tips at INsecurity.

Trending Hot Topics include:

Cloud Security: Automate or Die
AI: Boon or Boondoggle?
Non-Lethal Active Defense for Enterprises: A Better Alternative to "Hacking Back"

Learn More Here!

ONLINE EVENTS

Check out these online events that are available from the comfort of your computer! View our complete list of Upcoming Webinars so you can attend a live session or our Webinar Archives for webinars that are available On-Demand!

Upcoming Online Events

07/24

The Latest In Domain Fraud Trends And How To Secure Your Brand's Domain Footprint

08/16

AI & Machine Learning - How to Improve Enterprise Security With Them

08/21

The Latest Social Engineering Attacks and How To Understand and Prevent Them

Don't forget to view our complete list of Webinar Archives for webinars that are available On-Demand!

Editors' Choice

White House Cybersecurity Strategy at a Crossroads

Kelly Jackson Higgins, Executive Editor at Dark Reading, 7/17/2018

The Fundamental Flaw in Security Awareness Programs

Ira Winkler, CISSP, President, Secure Mentem, 7/19/2018

Singapore Health Services Data Breach Exposes Info on 1.5 Million People

Jai Vijayan, Freelance writer, 7/20/2018

Live Events

Webinars

More UBM Tech
Live Events

INsecurity Conference - An Event Like No Other

Black Hat Trainings - October 22 & 23

Are You Looking to Learn About New Cybersecurity Threats & Challenges? Then INsecurity Is For You!

White Papers

The Next Gen of IT Support

Distributed Defense: How Government Agencies Deploy Hacker-Powered Security

Hacker-Powered Pen Tests and the Power of More

Cyber Threat Brief: The 2018 FIFA World Cup

Combat the Top 5 Cyberattacks with Managed Detection and Response

More White Papers

Video

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

The Changing Role of the CISO

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of IT and Cybersecurity

The State of IT and Cybersecurity

IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!

Download Now!

[Strategic Security Report] Navigating the Threat Intelligence Maze

[Strategic Security Report] Cloud Security's Changing Landscape

The State of Ransomware

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-3770
PUBLISHED: 2018-07-20

A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the local files.

CVE-2018-3771
PUBLISHED: 2018-07-20

An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.

CVE-2018-5065
PUBLISHED: 2018-07-20

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

CVE-2018-5066
PUBLISHED: 2018-07-20

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

CVE-2018-5067
PUBLISHED: 2018-07-20

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Terms of Service
Privacy Statement
Legal Entities
Copyright © 2018 UBM, All rights reserved

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]