Tag: flaws

November 30, 2022

Researchers have disclosed details of three new security vulnerabilities affecting operational technology (OT) products from CODESYS and Festo that could lead to source code tampering and denial-of-service (DoS). The vulnerabilities, reported by Forescout Vedere Labs, are the latest in a […]

November 9, 2022

Citrix has released a fix for three high-severity vulnerabilities discovered in two of its popular products, and is now urging users to apply the patch immediately. The company has fixed three flaws found in Citrix ADC and Citrix Gateway. ADC […]

October 26, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) this week added two flaws affecting Cisco’s AnyConnect product to its Known Exploited Vulnerabilities catalog. The vulnerabilities, tracked as CVE-2020-3433 and CVE-2020-3153, affect the AnyConnect Secure Mobility Client for Windows, and they […]

October 3, 2022

Atlassian Bitbucket is a Git-based repository management solution that provides source code hosting and sharing capabilities. Tracked as CVE-2022-36804 (CVSS score of 9.9), the now-exploited vulnerability is described as a command injection bug that impacts multiple API endpoints of Bitbucket […]

September 21, 2022

The vulnerabilities affecting the iBoot-PDU product were identified by researchers at industrial cybersecurity firm Claroty, who found a total of seven issues, including ones allowing a remote, unauthenticated attacker to execute arbitrary code. iBoot PDU vulnerabilitiesThe impacted PDU provides a […]

September 14, 2022

Tech giant Microsoft on Tuesday shipped fixes to quash 64 new security flaws across its software lineup, including one zero-day flaw that has been actively exploited in real-world attacks. Of the 64 bugs, five are rated Critical, 57 are rated […]

August 31, 2022

Google’s latest Chrome browser, version 105, is out, though the full version number is annoyingly different depending on whether you are on Windows, Mac or Linux. On Unix-like systems (Mac and Linux), you want 105.0.5195.52, but on Windows, you’re looking […]

August 12, 2020

Microsoft August 2020 Patch Tuesday updates have addressed 120 flaws, including two zero-day vulnerabilities that have been exploited in attacks in the wild. The two issues are a Windows spoofing bug and a remote code execution flaw in Internet Explorer. […]

August 7, 2020

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Based on research that Trend Micro released during Black Hat USA this past week, […]

April 29, 2020

Adobe has released security updates that address multiple vulnerabilities in Adobe Illustrator, Bridge, and Magento, including some critical remote code execution flaws. The remote code execution flaws could be exploited by an attacker to execute commands in the security context […]

March 13, 2020

The Popup Builder WordPress plugin is affected by security flaws that could be exploited by unauthenticated attackers to inject malicious JavaScript code into popups displayed on websites using it. More than 100,000 websites are exposed to cyber attacks that could […]

October 17, 2019

Cisco Systems has released a security update stomping out critical and high-severity flaws impacting its Aironet access points, which are entry-level wireless access points (APs) used by mid-size enterprises in their offices or small warehouses. It also issued a slew […]

August 22, 2019

Cisco has fixed over 30 vulnerabilities in various solutions, including Cisco UCS Director, Cisco UCS Director Express for Big Data, Cisco IMC Supervisor, and the Cisco 220 Series smart switches. Cisco 220 Series exploit Users of Cisco UCS Director and […]

August 13, 2019

Attackers have learned that vulnerabilities can hide in the gaps: gaps between components of a system or gaps in a process or procedure. A researcher last week at DEF CON in Las Vegas showed that device drivers — the small […]

August 12, 2019

5G technology is almost ready to take off in the U.S. While the upgrade was set to go live in 2020, some major cities have, or will soon have, access to the faster wireless speeds — if your device is […]

November 21, 2018

Security experts have found several vulnerabilities affecting Dell EMC Avamar and Integrated Data Protection Appliance products. They also warn that VMware’s vSphere Data Protection, which is based on Avamar, is also affected by the issues. Dell EMC released security updates […]

October 12, 2018

An audit commissioned by Mozilla for the Firefox update system revealed no critical vulnerabilities and the flaws rated “high severity” were not easy to exploit. Experts at Germany-based X41 spent 27 days analyzing the Firefox Application Update Service (AUS), including […]

September 18, 2018

Facebook announced on Monday that it has expanded its bug bounty program to introduce rewards for reports describing vulnerabilities that involve the exposure of user access tokens. Access tokens allow users to log into third-party applications and websites through Facebook. […]

September 14, 2018

A team of security researchers demonstrated that the firmware running on nearly all modern computers is vulnerable to cold boot attacks. A team of experts from cybersecurity firm F-Secure has discovered security flaws affecting firmware in modern computers that could […]

September 10, 2018

Google has released its September 2018 security patches for Android, which resolves more than 50 vulnerabilities in the operating system. The September 2018 Android Security Bulletin is split into two parts, the 2018-09-01 security patch level, which resolves 24 bugs, […]