Vulnerabilities & Exploits

Frank Crast

Adobe releases security updates for Adobe Acrobat and Reader, Adobe DNG SDK

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 13, 2020 / Acrobat, Acrobat and Reader, Adobe, CVE-2020-9589, CVE-2020-9590, CVE-2020-9592, CVE-2020-9594, CVE-2020-9596, CVE-2020-9597, CVE-2020-9604, CVE-2020-9605, CVE-2020-9606, CVE-2020-9607, CVE-2020-9612, CVE-2020-9613, CVE-2020-9614, CVE-2020-9615, CVE-2020-9620, CVE-2020-9621, DNG, Reader

Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader, as well as Adobe DNG Software Development Kit (SDK). Successful exploitation could lead to arbitrary code execution or information disclosure.

Adobe releases security updates for Adobe Acrobat and Reader, Adobe DNG SDK Read More »

Frank Crast

Microsoft May 2020 Security Updates (16 Critical vulnerabilities fixed)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 13, 2020 / .NET, .NET Core, Autodesk, ChakraCore, CVE-2020-1023, CVE-2020-1024, CVE-2020-1028, CVE-2020-1037, CVE-2020-1062, CVE-2020-1064, CVE-2020-1065, CVE-2020-1069, CVE-2020-1093, CVE-2020-1102, CVE-2020-1117, CVE-2020-1126, CVE-2020-1136, CVE-2020-1153, Edge, Internet Explorer, Microsoft Dynamics, OpenSSL, Power BI, Visual Studio, Windows Defender

Microsoft released the May 2020 Security Updates that includes 111 unique vulnerability fixes, 16 of those rated critical.

Microsoft May 2020 Security Updates (16 Critical vulnerabilities fixed) Read More »

Frank Crast

SaltStack, multiple vendors fix Critical vulnerabilities in Salt

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 12, 2020 / CVE-2020-11651, CVE-2020-11652, Debian, F-Secure, OpenSUSE, Salt, Salt Stack, VMware

In case you missed it last week, SaltStack released security updates to fix two critical Salt vulnerabilities. Multiple vendors that integrate Salt into their products have also released patches or workarounds to address the flaws.

SaltStack, multiple vendors fix Critical vulnerabilities in Salt Read More »

Frank Crast

vBulletin patches Critical ‘incorrect access control’ vulnerability

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 11, 2020 / CVE-2020-12720, Palo Alto Networks, vBulletin

Popular internet forum software maker vBulletin has patched a Critical vulnerability that affects multiple vBulletin 5 versions.

vBulletin patches Critical ‘incorrect access control’ vulnerability Read More »

Frank Crast

Cisco releases 12 High severity advisories for multiple products

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 8, 2020 / ASA, Cisco, CVE-2020-3125, CVE-2020-3179, CVE-2020-3187, CVE-2020-3189, CVE-2020-3191, CVE-2020-3195, CVE-2020-3196, CVE-2020-3254, CVE-2020-3255, CVE-2020-3259, CVE-2020-3283, CVE-2020-3298, Firepower, FTD

Cisco has released 12 High severity security advisories for Cisco Adaptive Security Appliance (ASA) Software and Firepower products. In addition, a security fix was also released to address a Snort HTTP detection engine file policy bypass Vulnerability.

Cisco releases 12 High severity advisories for multiple products Read More »

Frank Crast

Mozilla releases Firefox 76 with new account password protections and security updates

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 6, 2020 / CVE-2020-12387, CVE-2020-12388, CVE-2020-12395, Firefox, Firefox 76, Mozilla

The Mozilla Foundation has released Firefox 76 with new security protections for online account logins and passwords. The update also includes fixes for multiple vulnerabilities.

Mozilla releases Firefox 76 with new account password protections and security updates Read More »

Frank Crast

Google releases Chrome security update (81.0.4044.138)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 6, 2020 / Android, Chrome, Chrome 81, CVE-2020-6464, CVE-2020-6831

Google has released Chrome 81.0.4044.138 for Windows, Mac and Linux. An attacker could exploit these vulnerabilities to take control of impacted systems.

Google releases Chrome security update (81.0.4044.138) Read More »

Frank Crast

Alert: Weblogic vulnerability exploited in the wild (apply April CPUs without delay)

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / May 3, 2020 / CVE-2020-2883, Fusion, Oracle, WebLogic

Oracle released a new warning that a previously patched Weblogic vulnerability CVE-2020-2883 is being exploited in the wild. The company further urged organizations should apply April CPUs without delay.

Alert: Weblogic vulnerability exploited in the wild (apply April CPUs without delay) Read More »

Frank Crast

Cisco patches IOS XE SD-WAN software command injection vulnerability

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 1, 2020 / Cisco, CVE-2019-16009, CVE-2019-16011, iOS, IOS XE, Networking, SD-WAN

Cisco has released a High severity security update that fixes an IOS XE SD-WAN software command injection vulnerability CVE-2019-16011.

Cisco patches IOS XE SD-WAN software command injection vulnerability Read More »

Frank Crast

WordPress security release 5.4.1 fixes 7 vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 30, 2020 / WordPress

WordPress has released version 5.4.1 security update that fixes multiple bugs and security vulnerabilities. All WordPress versions 5.4 and earlier are affected.

WordPress security release 5.4.1 fixes 7 vulnerabilities Read More »