The Apache Software Foundation has patched a Struts 2 vulnerability CVE-2020-17530 that may lead to remote code execution.
Microsoft has released the December 2020 Security updates that includes patches for 58 vulnerabilities, 9 of them rated Critical.
OpenSSL patched a high severity vulnerability CVE-2020-1971 in certain OpenSSL versions. As a result, a bad actor could exploit and launch a Denial of Service attack against impacted systems.
The Apache Software Foundation has patched a Tomcat HTTP/2 Request header mix-up vulnerability CVE-2020-17527.
Google has released Chrome 87 security update (87.0.4280.88) for Windows, Mac and Linux with fixes for 8 vulnerabilities. The tech giant also released a new Chrome OS version and Chrome browser update for Android.
Apple has released a security update to fix multiple vulnerabilities in iCloud for Windows 11.5. A hacker could exploit some of these vulnerabilities to take control of affected devices.
VMware has issued a workaround for a Critical command injection vulnerability CVE-2020-4006 in multiple VMware products.
Google has released Chrome OS 86.0.4240.199 security update for Chrome OS devices, as well as a new Chrome for Android update.
Cybersecurity experts are warning hackers are targeting nearly 50,000 vulnerable unpatched Fortinet VPNs to steal passwords.
Drupal has released a security update that fixes two Critical arbitrary PHP code execution vulnerabilities (CVE-2020-28949 and CVE-2020-28948) in multiple versions of Drupal.