Vulnerabilities & Exploits Archives - Page 23 of 106

Drupal fixes 2 Moderately Critical vulnerabilities(CVE-2022-25271 and CVE-2022-25270)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / February 19, 2022 / CVE-2022-25270, CVE-2022-25271, Drupal

Drupal has patched two Moderately Critical improper input validation and information disclosure vulnerabilities that affect multiple versions of Drupal Core.

Drupal fixes 2 Moderately Critical vulnerabilities(CVE-2022-25271 and CVE-2022-25270) Read More »

BlackByte Ransomware compromised multiple entities in US critical infrastructure sectors

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / Frank Crast / February 19, 2022 / BlackByte, Exchange, FBI, Infrastructure, RaaS, Ransomware, USSS

The Federal Bureau of Investigation (FBI) and the U.S. Secret Service (USSS) issued a joint Cybersecurity Advisory warning of BlackByte ransomware compromising multiple entities in US critical infrastructure sectors.

BlackByte Ransomware compromised multiple entities in US critical infrastructure sectors Read More »

VMware releases Critical ESXi, Workstation, and Fusion security updates

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / February 17, 2022 / CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050, ESXi, Fusion, VMware, Workstation

VMware has released Critical ESXi, Workstation, and Fusion security updates that address multiple vulnerabilities.

VMware releases Critical ESXi, Workstation, and Fusion security updates Read More »

CISA adds 9 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include new Adobe and Chrome zero-days)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / February 16, 2022 / CVE-2013-3906, CVE-2014-1761, CVE-2017-9841, CVE-2018-15982, CVE-2018-20250, CVE-2018-8174, CVE-2019-0752, CVE-2022-0609, CVE-2022-24086

The Cybersecurity and Infrastructure Security Agency (CISA) has added 9 vulnerabilities to its Known Exploited Vulnerabilities Catalog. The issues include recently patched Adobe and Chrome zero-days.

CISA adds 9 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include new Adobe and Chrome zero-days) Read More »

Google releases Chrome 98 security update with fix for zero-day vulnerability (CVE-2022-0609) exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / February 16, 2022 / Chrome, CVE-2022-0603, CVE-2022-0604, CVE-2022-0605, CVE-2022-0606, CVE-2022-0607, CVE-2022-0608, CVE-2022-0609, Zero-day

Google has released Chrome 98.0.4758.102 for Windows, Mac and Linux with fixes for multiple vulnerabilities, to include one zero-day (CVE-2022-0609) exploited in the wild.

Google releases Chrome 98 security update with fix for zero-day vulnerability (CVE-2022-0609) exploited in the wild Read More »

Adobe fixes Critical zero-day Commerce,  Magento vulnerability exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / February 14, 2022 / Adobe, Adobe Commerce, Commerce, CVE-2022-24086, Magento

Adobe has released security update that fixes a zero-day vulnerability CVE-2022-24086 for Adobe Commerce and Magento Open Source with reported exploits in the wild.

Adobe fixes Critical zero-day Commerce,  Magento vulnerability exploited in the wild Read More »

CISA adds 16 new vulnerabilities to Known Exploited Vulnerabilities Catalog

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / February 11, 2022 / CISA, CVE-2018-1000861, CVE-2020-0796, CVE-2021-36934, CVE-2022-22620, SAM, SeriousSAM, SMBv1, Watchbog, Windows

The Cybersecurity and Infrastructure Security Agency (CISA) has added 16 vulnerabilities to its Known Exploited Vulnerabilities Catalog. The issues include recently patched Apple WebKit zero-day, SeriousSAM, SMBv3, and Jenkins vulnerabilities among others.

CISA adds 16 new vulnerabilities to Known Exploited Vulnerabilities Catalog Read More »

Apple releases iOS 15.3.1, macOS Monterey 12.2.1 and Safari 15.3 security updates for zero-day exploited in wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / February 11, 2022 / CVE-2022-22620, iOS 15.3.1

Apple has released security updates for iOS 15.3.1, macOS Monterey 12.2.1, and Safari 15.3 with fixes for a zero-day vulnerability CVE-2022-22620 exploited in the wild.

Apple releases iOS 15.3.1, macOS Monterey 12.2.1 and Safari 15.3 security updates for zero-day exploited in wild Read More »

SAP February 2022 Security Patch Day addresses Critical log4j and ICMAD vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / February 11, 2022 / CVE-2021-44228, CVE-2022-22536, ICMAD, Log4j, log4Shell, SAP

Software giant SAP has released February 2022 Security Patch Day that includes 19 separate security advisories and patches, to include fixes for critical log4j and ICMAD vulnerabilities.

SAP February 2022 Security Patch Day addresses Critical log4j and ICMAD vulnerabilities Read More »

Android 12 patch addresses Critical ‘remote escalation of privilege’ vulnerability

Mobile Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / February 9, 2022 / Android, Android 12, CVE-2021-39675

Google has released a new Android Security Bulletin that contains patches and details of security vulnerabilities affecting Android devices. One of the fixed issues is a Critical ‘remote escalation of privilege’ vulnerability CVE-2021-39675.

Android 12 patch addresses Critical ‘remote escalation of privilege’ vulnerability Read More »