A high-severity ‘use-after-free’ vulnerability tracked as CVE-2020-6492 with a CVSSv3 base score of 8.3 exists in WebGL [Web Graphics Library] component of the Google Chrome web browser that could be used to execute arbitrary code in the context of the browser process. WebGL (Web Graphics Library) is a JavaScript API for rendering high-performance interactive 3D […]
Read More →Microsoft has released August Patch Tuesday security updates, addressing a total number of 120 vulnerabilities, including two Zero-days in the family of Windows operating systems and related products. Out of these, 17 are classified as Critical and 103 as Important which includes Microsoft Windows, Edge EdgeHTML-based, Chromium-based, ChakraCore, Internet Explorer, Microsoft Office, and Microsoft Office Services […]
Read More →A high-risk vulnerability was found in TeamViewer for Windows. It is tracked as “CVE-2020-13699“, with a CVSS base score of “8.8” that could be exploited by remote attackers to crack users’ password and thereupon, lead to the further system exploitation. TeamViewer is a software application for remote control, desktop sharing, online meetings, web conferencing and […]
Read More →Microsoft has released July Patch Tuesday security updates, addressing a massive number of 123 vulnerabilities and one advisory in the family of Windows operating systems and related products. Out of these, 18 are classified as Critical and 105 as Important which includes Microsoft Windows, Edge EdgeHTML-based, Chromium-based, ChakraCore, Internet Explorer, Microsoft Office, and Microsoft Office […]
Read More →Palo Alto Network(PAN) has recently fixed a critical vulnerability, related to the PAN-OS operating systems. The operating systems are known to power Palo Alto’s next-generation firewall. The vulnerability is tracked as CVE-2020-2021 with a CVSSv3 base score of 10. PAN-OS is the custom operating system (OS) that Palo Alto Networks (PAN) uses in their next-generation […]
Read More →Security researchers at Check Point have uncovered multiple critical reverse RDP vulnerabilities in the Apache Guacamole. Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH, together with MFA (Multi-Factor Authentication), compliance checks on the BYOD side, and several security controls like IPS, SOC anomaly detections and more. […]
Read More →Treck TCP/IP is a high-performance TCP/IP protocol suite designed for embedded systems. A set of 19 critical and high-severity security vulnerabilities have been discovered by Israeli security research firm JSOF in a low-level TCP/IP software library developed by Treck. Dubbed “Ripple20“, affecting hundreds of millions of internet of things (IoT) and industrial control devices. If […]
Read More →The Server Message Block Protocol (SMB protocol) which runs over TCP port 445 is a client-server communication protocol used for sharing access to files, printers, network browsing, and inter-process communication over a network. Security researchers from ZecOps have discovered a new critical vulnerability ‘SMBleed’ affecting the Server Message Block (SMB) protocol that could allow attackers to […]
Read More →The SAP Adaptive Server Enterprise (ASE), previously known as Sybase SQL Server, is a high-performance relational database server that can be hosted on-premise or cloud structure that is used by over 30,000 organizations worldwide, including banking institutions, healthcare companies, security firms, according to SAP marketing materials. In May, SAP released a security update fixing several […]
Read More →Apple released security updates for multiple products. A total of 59 vulnerabilities were addressed. The exploitation of some of these security flaws could allow an attacker to take control of an affected system. The update for macOS includes fixes for 48 vulnerabilities which could allow an attacker to execute arbitrary code with kernel privileges, cause […]
Read More →