Researchers have discovered a Critical authentication bypass vulnerability and two other flaws in multiple models of some Smart Switches.
Cisco has fixed a Critical authentication bypass vulnerability CVE-2021-34746 in NFV Infrastructure Software (NFVIS) TACACS+ authentication, authorization and accounting (AAA) feature.
Researchers have discovered a series of Bluetooth vulnerabilities dubbed BrakTooth that may affect over 1400 product listings.
The Internet Systems Consortium (ISC) has released a security update that fixes a High risk vulnerability CVE-2021-25218 in multiple versions of ISC Berkeley Internet Name Domain (BIND).
Cisco has released a security update for a Critical UPnP vulnerability CVE-2021-34730 in Small Business router models, as well as multiple vulnerabilities in other Cisco products.
Researchers have discovered a new eCh0raix ransomware variant that targets QNAP and Synology network-attached storage (NAS) devices.
Pulse Secure has fixed multiple Critical and High risk vulnerabilities as part of 9.1R12 update for Pulse Connect Secure (PCS) system software.
Fortinet has patched a High risk use-after-free vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer fgfmsd daemon. An attacker could exploit the vulnerability to launch remote code execution (RCE) as root and take control of an impacted system.
Juniper Networks has released security advisories to fix many vulnerabilities on Junos OS, EX4300, PTX Series, QFX Series, SRX Series network devices and multiple other products.
Cisco issued an updated advisory warning of active exploits in the wild against a Cisco security appliance XSS vulnerability CVE-2020-3580. Proof of concept (PoC) exploit code has also been released to the public.