Apache patches Struts 2 RCE vulnerability (CVE-2021-31805)
The Apache Software Foundation has patched a Struts 2 vulnerability CVE-2021-31805 that may lead to remote code execution.
The Apache Software Foundation has patched a Struts 2 vulnerability CVE-2021-31805 that may lead to remote code execution.
Adobe has released security updates for Adobe Acrobat and Reader, Photoshop, Commerce and After Effects.
The Microsoft April 2022 Security Updates includes patches and advisories for 117 vulnerabilities, ten of those rated Critical and two zero-day flaws.
Google has released Chrome 100.0.4896.88 for Windows, Mac and Linux with fixes for 11 vulnerabilities, 8 rated High severity.
The Cybersecurity and Infrastructure Security Agency (CISA) has added 3 vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Sudo, SMBv1 and Microsoft HTTP Protocol Stack vulnerabilities.
The Mozilla Foundation has patched three High risk vulnerabilities in Firefox 99, as well as a number of other bug fixes.
Google has released Chrome 100.0.4896.75 for Windows, Mac and Linux with fixes for just one High risk vulnerability. In addition, Google also issued security updates for Chrome for iOS, Chrome for Android and LTS-96.
GitLab has issued a security update to address a Critical vulnerability CVE-2022-1162 where static passwords were inadvertently set during OmniAuth-based registration.
The Cybersecurity and Infrastructure Security Agency (CISA) has added 7 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Recent additions include vulnerabilities affecting Trend Micro, Sophos, Windows, QNAP, Dell, and Dasan products.
Spring has published new security fixes for Spring Framework “Spring4Shell” and Spring Cloud Function vulnerabilities.