Researchers have discovered a Critical 0-day vulnerability (CVE-2021-44228) in Apache Log4j logging utility that can result in remote code execution (RCE). In addition, CISA and Microsoft also issue new guidance for log4j vulnerability remediation.
Samba has released software updates to fix two High severity security vulnerabilities (CVE-2020-27840 and CVE-2021-20277) that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
Samba has released a software update and patches for two security vulnerabilities (CVE-2020-170704 and CVE-2020-170700) that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
Cisco has patched a critical vulnerability CVE-2019-16028 in the web-based management interface of Cisco Firepower Management Center (FMC). An unauthenticated, remote attacker could bypass authentication and execute arbitrary code on impacted FMC devices.
Cisco released an updated security advisory warning of active scanning activity for a highly critical remote code execution (RCE) vulnerability in the web-based VPN management interface of Cisco RV110W, RV130W, and RV215W Routers.