patch

OpenPaX: Open-source kernel patch that mitigates memory safety errors

Edera, GitHub, Linux, News, open source, patch /

OpenPaX: Open-source kernel patch that mitigates memory safety errors 2024-11-01 at 07:03 By Mirko Zorz OpenPaX is an open-source kernel patch that mitigates common memory safety errors, re-hardening systems against application-level memory safety attacks using a simple Linux kernel patch. It’s available under the same GPLv2 license terms as the Linux kernel. “We are pleased […]

React to this headline:

Loading spinner

OpenPaX: Open-source kernel patch that mitigates memory safety errors Read More »

Fortinet releases patches for undisclosed critical FortiManager vulnerability

Don't miss, enterprise, Fortinet, Hot stuff, News, patch, security update /

Fortinet releases patches for undisclosed critical FortiManager vulnerability 2024-10-21 at 16:48 By Zeljka Zorz In the last couple of days, Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being exploited by Chinese threat actors. Security updates are trickling out The company, which is known for pushing out

React to this headline:

Loading spinner

Fortinet releases patches for undisclosed critical FortiManager vulnerability Read More »

SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw

exploited, patch, SolarWinds, Vulnerabilities /

SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw 2024-08-23 at 11:17 By Ionut Arghire SolarWinds has issued a Web Help Desk hotfix to remove hardcoded credentials from last week’s hotfix for a critical-severity vulnerability. The post SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw appeared first on SecurityWeek. This

React to this headline:

Loading spinner

SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw Read More »

Apple Rolls Out Security Updates for iOS, macOS

apple, patch, Vulnerabilities /

Apple Rolls Out Security Updates for iOS, macOS 2024-07-30 at 12:01 By Ionut Arghire Apple has released security patches for dozens of vulnerabilities in iOS, macOS, tvOS, visionOS, watchOS, and Safari. The post Apple Rolls Out Security Updates for iOS, macOS appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Apple Rolls Out Security Updates for iOS, macOS Read More »

Zyxel patches critical flaws in EOL NAS devices

CVE, Don't miss, Hot stuff, NAS, News, Outpost24, patch, PoC, vulnerability, Zyxel /

Zyxel patches critical flaws in EOL NAS devices 2024-06-06 at 14:46 By Zeljka Zorz Zyxel has released patches for three critical vulnerabilities (CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974) affecting two network-attached storage (NAS) devices that have recently reached end-of-vulnerability-support. About the vulnerabilities The three vulnerabilities are: A command injection vulnerability in the CGI program that could allow

React to this headline:

Loading spinner

Zyxel patches critical flaws in EOL NAS devices Read More »

May 2024 Patch Tuesday forecast: A reminder of recent threats and impact

Adobe, apple, Chrome, Don't miss, Expert analysis, Hot stuff, Ivanti, Microsoft, Mozilla, News, Office, patch, Patch Tuesday, security update /

May 2024 Patch Tuesday forecast: A reminder of recent threats and impact 2024-05-10 at 08:46 By Help Net Security The thunderstorms of April patches have passed, and it has been pretty calm leading up to May 2024 Patch Tuesday. April 2024 Patch Tuesday turned out to be a busy one with 150 new CVEs addressed

React to this headline:

Loading spinner

May 2024 Patch Tuesday forecast: A reminder of recent threats and impact Read More »

Horizon3.ai Introduces AI-Assisted Service to Prioritize and Patch Vulnerabilities Faster

Artificial Intelligence, patch, Vulnerabilities /

Horizon3.ai Introduces AI-Assisted Service to Prioritize and Patch Vulnerabilities Faster 2024-05-03 at 14:31 By Kevin Townsend SaaS-based, AI-assisted penetration service allows proactive defensive action against exploitation of new vulnerabilities. The post Horizon3.ai Introduces AI-Assisted Service to Prioritize and Patch Vulnerabilities Faster appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Horizon3.ai Introduces AI-Assisted Service to Prioritize and Patch Vulnerabilities Faster Read More »

March 2024 Patch Tuesday forecast: A popular framework updated

Adobe, apple, cybersecurity, Don't miss, Expert analysis, Expert corner, Google, Hot stuff, Ivanti, Microsoft, News, patch, Patch Tuesday, security update /

March 2024 Patch Tuesday forecast: A popular framework updated 2024-03-08 at 08:47 By Help Net Security We’re almost at our third Patch Tuesday and wrapping up the first quarter 2024. Time flies by! Microsoft is starting to push users to update their operating systems as their active version is approaching end-of-support. The February 2024 Patch

React to this headline:

Loading spinner

March 2024 Patch Tuesday forecast: A popular framework updated Read More »

February 2024 Patch Tuesday forecast: Zero days are back and a new server too

ACROS Security, Adobe Acrobat, apple, Chrome, cybersecurity, Don't miss, Expert analysis, Expert corner, Firefox, Google, Hot stuff, Ivanti, Microsoft, Mozilla, News, patch, Patch Tuesday, security update /

February 2024 Patch Tuesday forecast: Zero days are back and a new server too 2024-02-09 at 08:32 By Mirko Zorz January 2024 Patch Tuesday is behind us. A relatively light release from Microsoft with 39 CVEs addressed in Windows 10, 35 in Windows 11, and surprisingly no zero-day vulnerabilities from Microsoft to start the new

React to this headline:

Loading spinner

February 2024 Patch Tuesday forecast: Zero days are back and a new server too Read More »

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236)

Don't miss, enterprise, firewall, Hot stuff, News, patch, SMBs, Sophos, VulnCheck /

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236) 13/12/2023 at 14:17 By Zeljka Zorz Over a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls (CVE-2022-3236) that was being actively exploited by attackers, and now they have pushed additional ones to protect vulnerable EOL devices. “In December

React to this headline:

Loading spinner

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236) Read More »

November 2023 Patch Tuesday forecast: Year 21 begins

Adobe, apple, Chrome, Don't miss, Expert analysis, Expert corner, Firefox, Hot stuff, Ivanti, Microsoft, Mozilla, News, patch, Patch Tuesday, patching, Windows, Windows Server /

November 2023 Patch Tuesday forecast: Year 21 begins 10/11/2023 at 09:03 By Help Net Security The October forecast for large numbers of CVEs addressed in Windows 10 and 11 and the recent record on the number fixed in Windows Server 2012 was spot on! Microsoft addressed 75 CVEs in Windows 11, 80 in Windows 10,

React to this headline:

Loading spinner

November 2023 Patch Tuesday forecast: Year 21 begins Read More »

F5 BIG-IP vulnerabilities leveraged by attackers: What to do?

Don't miss, enterprise, F5 Networks, Hot stuff, News, patch, PoC, Praetorian, Project Discovery, SQL injection, traffic monitoring, vulnerability /

F5 BIG-IP vulnerabilities leveraged by attackers: What to do? 02/11/2023 at 14:01 By Zeljka Zorz The two BIG-IP vulnerabilities (CVE-2023-46747, CVE-2023-46748) F5 Networks has recently released hotfixes for are being exploited by attackers in the wild, the company has confirmed. “It is important to note that not all exploited systems may show the same indicators,

React to this headline:

Loading spinner

F5 BIG-IP vulnerabilities leveraged by attackers: What to do? Read More »

F5 fixes critical BIG-IP vulnerability (CVE-2023-46747)

Don't miss, enterprise, F5 Networks, Hot stuff, News, patch, Praetorian, traffic monitoring, vulnerability /

F5 fixes critical BIG-IP vulnerability (CVE-2023-46747) 30/10/2023 at 18:46 By Helga Labus F5 Networks has released hotfixes for three vulnerabilities affecting its BIG-IP multi-purpose networking devices/modules, including a critical authentication bypass vulnerability (CVE-2023-46747) that could lead to unauthenticated remote code execution (RCE). About CVE-2023-46747 Discovered and reported by Thomas Hendrickson and Michael Weber of Praetorian

React to this headline:

Loading spinner

F5 fixes critical BIG-IP vulnerability (CVE-2023-46747) Read More »

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)

1Password, Alpine, Chrome, containers, Debian, Don't miss, Firefox, Google, Hot stuff, LibreOffice, Linux, macOS, Microsoft Teams, News, Opera, patch, patching, Rezilion, runZero, Signal, Slack, SUSE, Telegram, Ubuntu, Vivaldi, vulnerability, vulnerability management /

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) 27/09/2023 at 14:46 By Zeljka Zorz The Chrome zero-day exploited in the wild and patched by Google a few weeks ago has a new ID (CVE-2023-5129) and a description that tells the whole story: the vulnerability is not in Chrome, but the libwebp library,

React to this headline:

Loading spinner

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) Read More »

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179)

Don't miss, Endpoint Security, enterprise, Hot stuff, News, patch, security update, Trend Micro, vulnerability /

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179) 21/09/2023 at 11:46 By Zeljka Zorz Trend Micro has fixed a critical zero-day vulnerability (CVE-2023-41179) in several of its endpoint security products for enterprises that has been spotted being exploited in the wild. About CVE-2023-41179 The nature of the flaw hasn’t been revealed, but we know

React to this headline:

Loading spinner

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179) Read More »

Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802)

Adobe, Automox, CVE, Don't miss, Hot stuff, Microsoft, Microsoft Exchange, News, patch, Patch Tuesday, security update, Tenable, Trend Micro /

Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802) 12/09/2023 at 22:01 By Zeljka Zorz September 2023 Patch Tuesday is here, with fixes for actively exploited vulnerabilities in Adobe Acrobat and Reader (CVE-2023-26369), Microsoft Word (CVE-2023-36761), and Microsoft Streaming Service Proxy (CVE-2023-36802). Microsoft vulnerabilities of note Microsoft has delivered fixes for 61 CVE-numbered flaws:

React to this headline:

Loading spinner

Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802) Read More »

Intel Addresses 80 Firmware, Software Vulnerabilities

Endpoint Security, Intel, patch, Patch Tuesday, Vulnerabilities /

Intel Addresses 80 Firmware, Software Vulnerabilities 09/08/2023 at 15:17 By Eduard Kovacs Intel has addressed 80 vulnerabilities affecting its products, including 18 high-severity privilege escalation and DoS flaws. The post Intel Addresses 80 Firmware, Software Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Intel Addresses 80 Firmware, Software Vulnerabilities Read More »

Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days

Cyberwarfare, Microsoft, Nation-State, patch, Patch Tuesday, Vulnerabilities /

Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days 08/08/2023 at 23:17 By Ryan Naraine Patch Tuesday: A month after confirming active exploitation of Office code execution flaws, Microsoft has shipped patches for multiple affected products. The post Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days Read More »

VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)

Don't miss, enterprise, GreyNoise, Hot stuff, News, patch, VMWare, vulnerability /

VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887) 21/06/2023 at 11:42 By Zeljka Zorz CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being exploited in the wild. There are no workarounds to mitigate the risk of exploitation – enterprise admins are

React to this headline:

Loading spinner

VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887) Read More »

Scroll to Top