Drupal has released a security update that fixes a Critical RCE vulnerability CVE-2020-13671 in multiple versions of Drupal.
F5 has patched a Critical remote code execution (RCE) vulnerability (CVE-2020-5902) in the Configuration utility of BIG-IP. Researchers further discovered 8,000 devices were vulnerable on the internet and could result in full system compromise.
Netgear has released firmware updates to fix a high severity remote code execution (RCE) vulnerability in multiple Netgear routers and other network devices. A remote attacker could exploit to take control of an affected device.
Microsoft has issued a new security advisory for two remote code execution (RCE) vulnerabilities in Adobe Type Manager (ATM) Library exploited in the wild. Microsoft also published several workarounds to reduce risk until a patch is rolled out.
A recently patched vulnerability in newer versions of the PHP programming language is being exploited in the wild. The remote code execution (RCE) bug could allow an attacker to take over NGINX servers.
In case you missed it in the May security updates, Microsoft also provided patches to plug a critical remote code execution (RCE) vulnerability in older Windows XP and Windows Server 2003 operating systems (OS).
Drupal updated the severity of a remote code execution (RCE) vulnerability to "Highly Critical" after known exploits were discovered.
Cisco's Talos security group disclosed four vulnerabilities that impact the TP-Link TL-R600VPN router. Several of the discovered bugs could lead to remote code execution.
The Apache Software Foundation has released a security advisory that fixes a vulnerability in Commons FileUpload library in Apache Struts versions 2.3.36 and prior.
A proof-of-concept (POC) has been released for an exploit of a recently patched Microsoft Edge vulnerability.