Cisco noticed a steep rise in the exploitation attempts of a critical vulnerability in Cisco Adaptive Security Appliance (ASA) and Firepower Appliance. Cisco ASA is a family of security devices which is known to have a million deployments around the world. CVE-2018-0296 is a denial of service vulnerability which has been abused by attackers a […]

Read More →

Drupal is a free, open source software that can be used to easily create and manage many types of Web sites. Drupal also includes a Content Management Platform and a development framework. A set of critical vulnerabilities was identified and fixed in Drupal, the most severe of which could allow an attacker to overwrite sensitive […]

Read More →

Apple has rolled out security patches for various products. There are a total of 59 CVEs addressing arbitrary code execution, privilege escalation, information disclosure and denial of service vulnerabilities. Five vulnerabilities in macOS are considered very critical as they allow an attacker to execute arbitrary code with kernel privileges. A majority of the security bugs […]

Read More →

Adobe released its monthly set of security updates addressing 25 vulnerabilities in Adobe Acrobat and Reader, Photoshop CC, Brackets and ColdFusion. Seventeen of these vulnerabilities are rated Critical and a majority of the them are in Adobe Acrobat and Reader. As is the case with most critical vulnerabilities, these allow an attacker to execute arbitrary […]

Read More →

Microsoft released its monthly set of security updates today. The December 2019 Patch Tuesday fixed a total of 36 vulnerabilities in various products. 7 flaws are rated critical for Remote Code Execution and 28 are rated important. All the critical vulnerabilities lead to Remote Code Execution. The other bugs could allow an attacker to cause […]

Read More →

A new vulnerability(CVE-2019-14899) was discovered in Linux and Unix-like systems which allows an attacker in the adjacent network to inject data into the TCP stream and hijack connections. This vulnerability is known to work against OpenVPN, WireGuard, and IKEv2/IPSec, but the vulnerability impacts all VPN implementations. The tor browser seems to be unaffected by this […]

Read More →

OpenBSD is a free and open-source Unix-like operating system based on the Berkeley Software Distribution (BSD). It is widely regarded as one of the most secure operating systems available due to many of its security features. Security researchers at Qualys Research Labs have discovered four high-severity security vulnerabilities in OpenBSD, which include one authentication bypass […]

Read More →

EmbedThis GoAhead is a simple and compact embedded web server which can be used to efficiently host embedded web applications. GoAhead is a very popular web server and is known to have 1.3 million installations worldwide. A researcher from Cisco Talos discovered two security bugs in GoAhead Embedded Web Server. The two vulnerabilities are tracked […]

Read More →

Mozilla has released security updates for Firefox, Firefox ESR and Thunderbird. Eleven vulnerabilities were identified and fixed in Firefox and eight in Firefox ESR and Thunderbird each. The advisories have been ranked high in severity which indicates that the vulnerabilities can be used to gather sensitive data from sites in other windows or inject data […]

Read More →