Vulnerabilities

Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws

Microsoft, Patch Tuesday, phishing, remote code execution, Vulnerabilities, Windows MSHTML /

Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws 12/12/2023 at 23:47 By Ryan Naraine Microsoft warns of critical spoofing and remote code execution bugs in the Windows MSHTML Platform and Microsoft Power Platform Connector. The post Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws appeared first on SecurityWeek. This article is […]

React to this headline:

Loading spinner

Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws Read More »

Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle

Adobe, Application Security, Illustrator, Malware & Threats, Patch Tuesday, Vulnerabilities /

Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle 12/12/2023 at 23:47 By Ryan Naraine Adobe warned users on both Windows and macOS systems about exposure to code execution, memory leaks and denial-of-service security issues. The post Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle Read More »

SAP Patches Critical Vulnerability in Business Technology Platform

SAP, Vulnerabilities /

SAP Patches Critical Vulnerability in Business Technology Platform 12/12/2023 at 22:01 By Ionut Arghire SAP patches multiple vulnerabilities in the Business Technology Platform, including a critical elevation of privilege bug. The post SAP Patches Critical Vulnerability in Business Technology Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

SAP Patches Critical Vulnerability in Business Technology Platform Read More »

Flaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code Execution

Vulnerabilities, WordPress /

Flaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code Execution 12/12/2023 at 17:31 By Ionut Arghire Critical remote code execution flaws in Backup Migration and Elementor plugins expose WordPress sites to attacks. The post Flaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code Execution appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Flaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code Execution Read More »

Apple Ships iOS 17.2 With Urgent Security Patches

apple, Application Security, iOS 16.7.3, iOS 17.2, iPhone, Mobile & Wireless, Vulnerabilities, WebKit /

Apple Ships iOS 17.2 With Urgent Security Patches 12/12/2023 at 01:31 By Ryan Naraine Cupertino’s flagship mobile OS vulnerable to arbitrary code execution and data exposure security vulnerabilities. The post Apple Ships iOS 17.2 With Urgent Security Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Apple Ships iOS 17.2 With Urgent Security Patches Read More »

‘5Ghoul’ Vulnerabilities Haunt Qualcomm, MediaTek 5G Modems

5G, CVE-2023-33042, CVE-2023-33043, IoT Security, MediaTek, Mobile & Wireless, Qualcomm, Vulnerabilities /

‘5Ghoul’ Vulnerabilities Haunt Qualcomm, MediaTek 5G Modems 12/12/2023 at 00:31 By Ionut Arghire Researchers call attention to 14 security defects taht can be exploited to drop and freeze 5G connections on smartphones and routers. The post ‘5Ghoul’ Vulnerabilities Haunt Qualcomm, MediaTek 5G Modems appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

‘5Ghoul’ Vulnerabilities Haunt Qualcomm, MediaTek 5G Modems Read More »

Google Patches Chromecast Vulnerabilities Exploited at Hacking Contest

Chromecast, hacking competition, Vulnerabilities /

Google Patches Chromecast Vulnerabilities Exploited at Hacking Contest 11/12/2023 at 18:16 By Eduard Kovacs Google has patched several high and moderate-severity Chromecast vulnerabilities demonstrated earlier this year at a hacking competition.  The post Google Patches Chromecast Vulnerabilities Exploited at Hacking Contest appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Google Patches Chromecast Vulnerabilities Exploited at Hacking Contest Read More »

Apache Patches Critical RCE Vulnerability in Struts 2

Apache, Vulnerabilities /

Apache Patches Critical RCE Vulnerability in Struts 2 11/12/2023 at 15:49 By Ionut Arghire Apache has addressed a critical-severity Struts 2 file upload vulnerability that could lead to remote code execution. The post Apache Patches Critical RCE Vulnerability in Struts 2 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Apache Patches Critical RCE Vulnerability in Struts 2 Read More »

WordPress 6.4.2 Patches Remote Code Execution Vulnerability

Vulnerabilities, WordPress /

WordPress 6.4.2 Patches Remote Code Execution Vulnerability 08/12/2023 at 18:32 By Ionut Arghire WordPress 6.4.2 patches a flaw that could be chained with another vulnerability to execute arbitrary code. The post WordPress 6.4.2 Patches Remote Code Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

WordPress 6.4.2 Patches Remote Code Execution Vulnerability Read More »

Russian APT Used Zero-Click Outlook Exploit

APT28, Cyberwarfare, Microsoft Outlook, Russia, Vulnerabilities /

Russian APT Used Zero-Click Outlook Exploit 08/12/2023 at 18:32 By Ionut Arghire Russian threat actor APT28 has been exploiting a no-interaction Outlook vulnerability in attacks against 14 countries. The post Russian APT Used Zero-Click Outlook Exploit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Russian APT Used Zero-Click Outlook Exploit Read More »

Atlassian Patches Critical Remote Code Execution Vulnerabilities

Atlassian, Vulnerabilities /

Atlassian Patches Critical Remote Code Execution Vulnerabilities 07/12/2023 at 13:32 By Ionut Arghire Atlassian has released patches for critical-severity remote code execution flaws in Confluence and other products. The post Atlassian Patches Critical Remote Code Execution Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Atlassian Patches Critical Remote Code Execution Vulnerabilities Read More »

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes

Cisco, exploited, Vulnerabilities /

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes 06/12/2023 at 19:03 By Ionut Arghire The Shadowserver Foundation warns of an increase in the number of devices hacked via recent Cisco IOS XE vulnerabilities. The post Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes Read More »

Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images

Endpoint Security, UEFI, Vulnerabilities, vulnerability /

Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images 06/12/2023 at 19:03 By Eduard Kovacs LogoFAIL is an UEFI image parser attack allowing hackers to compromise consumer and enterprise devices using malicious logo images. The post Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images Read More »

Chrome 120 Patches 10 Vulnerabilities

Chrome, Vulnerabilities /

Chrome 120 Patches 10 Vulnerabilities 06/12/2023 at 17:46 By Ionut Arghire Chrome 120 was released in the stable channel with patches for 10 vulnerabilities, including five externally reported flaws. The post Chrome 120 Patches 10 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Chrome 120 Patches 10 Vulnerabilities Read More »

CISA Urges Federal Agencies to Patch Exploited Qualcomm Vulnerabilities

CISA KEV, Qualcomm, Vulnerabilities /

CISA Urges Federal Agencies to Patch Exploited Qualcomm Vulnerabilities 06/12/2023 at 16:01 By Ionut Arghire CISA has added to its Known Exploited Vulnerabilities Catalog four Qualcomm bugs, including three exploited as zero-days. The post CISA Urges Federal Agencies to Patch Exploited Qualcomm Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

CISA Urges Federal Agencies to Patch Exploited Qualcomm Vulnerabilities Read More »

Apple Patches WebKit Flaws Exploited on Older iPhones

apple, CVE-2023-42916, CVE-2023-42917, Endpoint Security, Featured, iOS, macOS, Malware & Threats, Vulnerabilities /

Apple Patches WebKit Flaws Exploited on Older iPhones 30/11/2023 at 23:02 By Ryan Naraine Apple’s security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1. The post Apple Patches WebKit Flaws Exploited on Older iPhones appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Apple Patches WebKit Flaws Exploited on Older iPhones Read More »

Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices

CISA KEV, firewall, NAS, Network Security, Ransomware, Vulnerabilities, Zyxel /

Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices 30/11/2023 at 20:18 By Ryan Naraine Zyxel patches at least 15 security flaws that expose users to authentication bypass, command injection and denial-of-service attacks. The post Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices Read More »

Google Patches Seventh Chrome Zero-Day of 2023

Chrome, exploited, Featured, Vulnerabilities, Zero-Day /

Google Patches Seventh Chrome Zero-Day of 2023 29/11/2023 at 16:46 By Ionut Arghire The latest Chrome security update addresses the seventh exploited zero-day vulnerability documented in the browser in 2023. The post Google Patches Seventh Chrome Zero-Day of 2023 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Google Patches Seventh Chrome Zero-Day of 2023 Read More »

Exploitation of Critical ownCloud Vulnerability Begins

exploited, Featured, Malware & Threats, ownCloud, Vulnerabilities /

Exploitation of Critical ownCloud Vulnerability Begins 28/11/2023 at 18:01 By Ionut Arghire Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure. The post Exploitation of Critical ownCloud Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Exploitation of Critical ownCloud Vulnerability Begins Read More »

Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass

CVSS 10, Data Protection, Endpoint Security, GraphAPI, ownCloud, Vulnerabilities /

Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass 27/11/2023 at 19:46 By Ionut Arghire Three critical vulnerabilities in ownCloud could lead to sensitive information disclosure and authentication and validation bypass. The post Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass Read More »

Scroll to Top