Microsoft has issued a new security advisory for two remote code execution (RCE) vulnerabilities in Adobe Type Manager (ATM) Library exploited in the wild. Microsoft also published several workarounds to reduce risk until a patch is rolled out.
A recently patched vulnerability in newer versions of the PHP programming language is being exploited in the wild. The remote code execution (RCE) bug could allow an attacker to take over NGINX servers.
In case you missed it in the May security updates, Microsoft also provided patches to plug a critical remote code execution (RCE) vulnerability in older Windows XP and Windows Server 2003 operating systems (OS).
Drupal updated the severity of a remote code execution (RCE) vulnerability to "Highly Critical" after known exploits were discovered.
Cisco's Talos security group disclosed four vulnerabilities that impact the TP-Link TL-R600VPN router. Several of the discovered bugs could lead to remote code execution.
The Apache Software Foundation has released a security advisory that fixes a vulnerability in Commons FileUpload library in Apache Struts versions 2.3.36 and prior.
A proof-of-concept (POC) has been released for an exploit of a recently patched Microsoft Edge vulnerability.
Microsoft issued the October 2018 Security Updates that include nearly 50 unique vulnerability fixes, 12 of them rated critical.
Cisco released a security update to address three high severity remote code execution vulnerabilities in Cisco Webex Network Recording Player.
Security researchers have discovered proof-of-concept code of an Apache Struts vulnerability exploit, to include a Python script that makes it easier to exploit.