Microsoft has warned of active exploits in the wild for an MSHTML RCE Vulnerability (CVE-2021-40444). The tech giant also released workarounds for the threat until a permanent fix is released.
Fortinet has patched a High risk use-after-free vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer fgfmsd daemon. An attacker could exploit the vulnerability to launch remote code execution (RCE) as root and take control of an impacted system.
Microsoft has released the June 2021 Security updates that includes patches for 50 vulnerabilities, 5 of those rated Critical. The updates also include fixes for 6 zero-day flaws exploited in the wild.
A security researcher has published proof-of-concept (PoC) exploit code for a Windows HTTP protocol stack remote code execution (RCE) vulnerability CVE-2021-31166.
F5 has patched two Critical remote code execution (RCE) and another two buffer overflow vulnerabilities that impact BIG-IP and BIG-IQ devices. Moreover, the security firm also addressed two other High severity bugs and one Medium severity flaw.
Adobe has released security updates to address vulnerabilities in Adobe Framemaker, Creative Cloud Desktop Application and Connect products.
Drupal has released a security update that fixes a Critical RCE vulnerability CVE-2020-13671 in multiple versions of Drupal.
F5 has patched a Critical remote code execution (RCE) vulnerability (CVE-2020-5902) in the Configuration utility of BIG-IP. Researchers further discovered 8,000 devices were vulnerable on the internet and could result in full system compromise.
Netgear has released firmware updates to fix a high severity remote code execution (RCE) vulnerability in multiple Netgear routers and other network devices. A remote attacker could exploit to take control of an affected device.
Microsoft has issued a new security advisory for two remote code execution (RCE) vulnerabilities in Adobe Type Manager (ATM) Library exploited in the wild. Microsoft also published several workarounds to reduce risk until a patch is rolled out.