April 2020 - Securezoo

WordPress security release 5.4.1 fixes 7 vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 30, 2020 / WordPress

WordPress has released version 5.4.1 security update that fixes multiple bugs and security vulnerabilities. All WordPress versions 5.4 and earlier are affected.

WordPress security release 5.4.1 fixes 7 vulnerabilities Read More »

Samba releases security updates

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 30, 2020 / AD, CVE-2020-170700, CVE-2020-170704, LDAP, Samba

Samba has released a software update and patches for two security vulnerabilities (CVE-2020-170704 and CVE-2020-170700) that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.

Samba releases security updates Read More »

VMware patches Stored XSS vulnerability (CVE-2020-3955) in ESXi

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 29, 2020 / CVE-2020-3947, ESXi, VMware

VMware has released a patch for a High severity Stored cross-site scripting (XSS) vulnerability in VMware ESXi.

VMware patches Stored XSS vulnerability (CVE-2020-3955) in ESXi Read More »

Adobe releases security updates for Magento, Bridge and Illustrator

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 29, 2020 / Bridge, CVE-2020-9576, CVE-2020-9578, CVE-2020-9579, CVE-2020-9580, CVE-2020-9582, CVE-2020-9583, Illustrator, Magento

Adobe has released security updates to address vulnerabilities in Magento, Bridge and Illustrator products. Successful exploitation could lead to arbitrary code execution or information disclosure.

Adobe releases security updates for Magento, Bridge and Illustrator Read More »

Juniper releases out-of-band security update to fix vulnerability in J-Web and web based services

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 28, 2020 / CVE-2020-1631, Dynamic-VPN, HTTPS, J-Web, Juniper, Junos, VPN

Juniper has released an out-of-band security update for a Junos OS vulnerability CVE-2020-1631 in J-Web and web based (HTTP/HTTPS) services.

Juniper releases out-of-band security update to fix vulnerability in J-Web and web based services Read More »

Google releases Chrome security update (81.0.4044.129)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 28, 2020 / Chrome, Chrome 81, CVE-2020-6461, CVE-2020-6462

Google has released Chrome 81.0.4044.129 for Windows, Mac and Linux. An attacker could exploit these vulnerabilities to take control of impacted systems.

Google releases Chrome security update (81.0.4044.129) Read More »

OpenSSL patches High risk vulnerability (CVE-2020-1967)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 24, 2020 / CVE-2020-1967, DOS, OpenSSL, SSL_check_chain, TLS 1.3

OpenSSL patched a high severity vulnerability CVE-2020-1967 in certain OpenSSL versions. As a result, a bad actor could exploit and launch a Denial of Service attack against impacted systems.

OpenSSL patches High risk vulnerability (CVE-2020-1967) Read More »