Apple has fixed a zero-day vulnerability CVE-2021-30807 in macOS Big Sur and iOS versions that is under active attack.
Microsoft has issued a workaround for a serious zero-day vulnerability CVE-2021–36934 dubbed "SeriousSAM" that could allow an attacker to read any registry hives as a non-administrator.
Adobe has released security updates to address multiple vulnerabilities in Adobe Photoshop, Audition, Character Animator, Prelude, Premiere Pro, After Effects, and Media Encoder.
Drupal has patched a Critical third-party library vulnerability that affects multiple versions of Drupal Core. A remote attacker could exploit this vulnerability to compromise an affected system.
Apple has released security updates to fix vulnerabilities in iOS 14.7, macOS Big Sur 11.5, Safari 14.1.2, tvOS 14.7, watchOS 7.6, and other products.
Researchers have discovered a 16-year-old printer driver vulnerability CVE-2021-3438 that affects millions of printers worldwide, to include HP, Samsung and Xerox printer models.
Google has released Chrome 92 security update (92.0.4515.107) for Windows, Mac and Linux with fixes for 35 vulnerabilities.
Fortinet has patched a High risk use-after-free vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer fgfmsd daemon. An attacker could exploit the vulnerability to launch remote code execution (RCE) as root and take control of an impacted system.
A researcher has discovered a Critical SQL-injection vulnerability in WooCommerce, an open-source e-commerce plugin for WordPress. WooCommerce promptly provided an emergency patch for the plugin to fix the issue.
Citrix has patched a vulnerability (CVE-2021-22928) in Virtual Apps and Desktops that could result in privilege escalation on a Windows Virtual Delivery Agent (VDA).