Strbleed is a critical flaw in the implementation of Simple Network Management Protocol (SNMP). It leads to access-control bypass, possibly involving an ISP customization in some cases. The authentication bypass vulnerability affects several IoT devices, which can be exploited by attackers by sending random values in specific requests. The vulnerability is tracked as CVE 2017-5135. SNMP […]

Read More →

Oracle has released 300 security updates as part of the quarterly patch release cycle. The Oracle Critical Patch Update – April 2017 provides fixes for: Database Server, Oracle Secure Backup, Oracle Berkeley DB, Oracle API Gateway, Oracle Fusion Middleware Products,  Enterprise Manager Base Platform, Oracle E-Business Suite, Oracle Transportation Manager, PeopleSoft Applications, JD Edwards EnterpriseOne […]

Read More →

Microsoft January 2017 Patch Tuesday brings 4 Security bulletins addressing 16 Vulnerabilities. One bulletin is rated as Critical and three are rated as Important. The critical bulletin MS17-003 for Adobe Flash Player covering 13 CVE’s. Critical vulnerabilities allow remote attackers to perform Remote Code Execution and Information Disclosure. The other bulletins which are marked as important […]

Read More →

Adobe has released one critical security update for Adobe Flash Player (APSB16-37) and one security update for Adobe Connect (APSB16-35). The security updates for Adobe Flash Player resolves critical vulnerabilities that allow attackers to execute arbitrary code and take control of the affected systems. The security updates for the Adobe Connect resolves an input validation […]

Read More →

Microsoft November 2016 Patch Tuesday brings 14 Security bulletins addressing 75 Vulnerabilities. Six bulletins are rated as Critical, eight are rated as Important. The Six Critical bulletins are as follows: MS16-129 for Microsoft’s Edge browser covers 17 CVE’s MS16-130 for Microsoft Windows covers 3 CVE’s MS16-131 for Microsoft Video Control covers 1 CVE’s MS16-132 for […]

Read More →