Cisco has released a Security Advisory for the actively exploited worldwide CVE-2020-3452. Cisco Read-Only Path Traversal Vulnerability in the web services interface of Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to perform directory traversal attacks & read sensitive files on the system. Rapid 7 Researchers found […]
Read More →Microsoft has released patches to fix two remote code execution vulnerabilities in Microsoft Windows Codecs Library. HEVC or Windows codecs library is responsible for handling large media files and decoding them for playback. HEVC is used by developers as it supports a multitude of different file formats. This Windows Extension is designed to take advantage […]
Read More →Treck TCP/IP is a high-performance TCP/IP protocol suite designed for embedded systems. A set of 19 critical and high-severity security vulnerabilities have been discovered by Israeli security research firm JSOF in a low-level TCP/IP software library developed by Treck. Dubbed “Ripple20“, affecting hundreds of millions of internet of things (IoT) and industrial control devices. If […]
Read More →The Server Message Block Protocol (SMB protocol) which runs over TCP port 445 is a client-server communication protocol used for sharing access to files, printers, network browsing, and inter-process communication over a network. Security researchers from ZecOps have discovered a new critical vulnerability ‘SMBleed’ affecting the Server Message Block (SMB) protocol that could allow attackers to […]
Read More →The SAP Adaptive Server Enterprise (ASE), previously known as Sybase SQL Server, is a high-performance relational database server that can be hosted on-premise or cloud structure that is used by over 30,000 organizations worldwide, including banking institutions, healthcare companies, security firms, according to SAP marketing materials. In May, SAP released a security update fixing several […]
Read More →Apple released security updates for multiple products. A total of 59 vulnerabilities were addressed. The exploitation of some of these security flaws could allow an attacker to take control of an affected system. The update for macOS includes fixes for 48 vulnerabilities which could allow an attacker to execute arbitrary code with kernel privileges, cause […]
Read More →Adobe had released security updates providing fixes for 16 critical vulnerabilities in Adobe Acrobat, Reader, and Adobe DNG Software Development Kit. A total of 36 security bugs were patched in this release. The critical vulnerabilities could allow the attackers to execute arbitrary code or bypass the target machine’s security features. These flaws affect Windows and […]
Read More →Although its not a Patch Tuesday, Adobe has released some of the emergency security updates to its products like Adobe Bridge, Illustrator, and Magento. So its time for all the users of these applications to be heedful. The software giant has announced the release of patches to its products in order to patch multiple […]
Read More →Microsoft has released March Patch Tuesday security updates, addressing a total of 113 vulnerabilities in the family of Windows operating systems and related products. Out of these, 26 are classified as Critical and 86 as Important which includes Office Services and Web Apps, Internet Explorer, Microsoft Windows, Edge (EdgeHTML-based and Chromium-based), Microsoft Exchange Server, Azure […]
Read More →Microsoft has released February Patch Tuesday security updates, addressing total 101 vulnerabilities in the family of Windows operating systems and related products. Out of these, 13 are classified as Critical and 88 as Important which includes Office Services and Web Apps, Internet Explorer, Edge, Microsoft Exchange Server, Malicious Software Removal Tool, and Surface Hub. The […]
Read More →