June 2020

Palo Alto Networks patches Critical PAN-OS authentication bypass vulnerability (CVE-2020-2021)

Palo Alto Networks has issued a Critical security advisory for PAN-OS authentication bypass in SAML authentication vulnerability CVE-2020-2021.

Palo Alto Networks patches Critical PAN-OS authentication bypass vulnerability (CVE-2020-2021) Read More »

Netgear fixes high risk vulnerability in multiple routers and network devices

Netgear has released firmware updates to fix a high severity remote code execution (RCE) vulnerability in multiple Netgear routers and other network devices. A remote attacker could exploit to take control of an affected device.

Netgear fixes high risk vulnerability in multiple routers and network devices Read More »

VMware security updates for ESXi, Workstation, Fusion, and Cloud Foundation (VMSA-2020-0015)

VMware issued a security advisory for ten vulnerabilities that impact VMware ESXi, Workstation, Fusion and Cloud Foundation products. An attacker could exploit one of these vulnerabilities and take control of an unpatched system.

VMware security updates for ESXi, Workstation, Fusion, and Cloud Foundation (VMSA-2020-0015) Read More »

Adobe releases security updates for Magento (APSB20-41) and EOL reminder

Adobe has released security updates to address vulnerabilities in Magento Commerce 1 and Magento Open Source 1. The company also warned that older Magento 1.x versions will be end of life (EOL) and no longer get software support after this patch update.

Adobe releases security updates for Magento (APSB20-41) and EOL reminder Read More »

Microsoft releases out-of-band patch for Windows 10 vulnerability (CVE-2020-1441)

Microsoft has released an out-of-band patch to fix a Windows 10 spatial data service vulnerability. An attacker could exploit the vulnerability to overwrite or modify a protected file leading to privilege escalation.

Microsoft releases out-of-band patch for Windows 10 vulnerability (CVE-2020-1441) Read More »

Drupal patches two critical security vulnerabilities

Drupal has released security updates to address Critical cross site request forgery (CSRF) and Arbitrary PHP code execution vulnerabilities affecting multiple versions of Drupal. A remote attacker could exploit these vulnerabilities to compromise an affected system. In the first security advisory SA-CORE-2020-004, Drupal patched one Critical CSRF vulnerability CVE-2020-13663. This issues exists when Drupal core Form

Drupal patches two critical security vulnerabilities Read More »