Google has released a security advisory for its Chrome users on Windows, Mac, and Linux, addressing two very critical Zero-Day exploits being exploited in the wild. These Vulnerabilities can be tracked as CVE-2020-16013 and CVE-2020-16017. Endpoints that have not been patched are advised to deploy the patches ASAP. The flaws were reported by “anonymous” sources to […]

Read More →

Microsoft has rolled out November Patch Tuesday security updates for 112 vulnerabilities in its product line including Windows operating system, Edge browser, and developer tools. Out of these one vulnerability is identified as a zero-day, 17 are classified as critical and 93 are classified as important. The vulnerabilities are in the categories of elevation of privilege, […]

Read More →

Oracle has addressed a critical Remote Code Execution (RCE) vulnerability in the rare out-of-band patch in numerous versions of Oracle WebLogic Server. The vulnerability is assigned CVE-2020-14750 which has a CVSS base score of 9.8 out of 10 and it is remotely exploitable without any authentication or user interaction.  According to Eric Maurice, director of security […]

Read More →

Critical Remote Code Execution (RCE) vulnerability CVE-2020-14882 in the console component of the WebLogic Server allows unauthenticated, remote attackers to execute commands on the affected servers. Oracle has assigned its CVSSv3 score of 9.8 out of 10 which clearly shows this vulnerability’s criticality and should be patched ASAP. Johannes B. Ullrich, dean of research at […]

Read More →

We all know the popularity and intensively large audience of the Google Chrome browser which can be used on Windows, Mac, or Linux computers and Android devices. To the ones who are currently using the same and have not yet deployed the patch, it’s time to update their Chrome browsers to the latest version 86.0.4240.111 […]

Read More →

Microsoft has released October Patch Tuesday security updates, addressing a total of 87 vulnerabilities in the family of Windows operating systems and related products. In which, 11 are classified as Critical that can be used by the attackers to get complete control over an unpatched victim system. All of the critical bugs are remote code […]

Read More →

Microsoft has released September Patch Tuesday security updates with a total release of 129 vulnerabilities, In which 23 are classified as Critical with Remote Code Execution(RCE) 105 are classified as important and 1 is classified as moderate that reside in the Microsoft Windows, Microsoft Exchange Server, Internet Explorer (IE), Microsoft Edge (EdgeHTML-based and Chromium-based in […]

Read More →

A high-severity ‘use-after-free’ vulnerability tracked as CVE-2020-6492 with a CVSSv3 base score of 8.3 exists in WebGL [Web Graphics Library] component of the Google Chrome web browser that could be used to execute arbitrary code in the context of the browser process. WebGL (Web Graphics Library) is a JavaScript API for rendering high-performance interactive 3D […]

Read More →

Microsoft has released patches to fix two remote code execution vulnerabilities in Microsoft Windows Codecs Library. HEVC or Windows codecs library is responsible for handling large media files and decoding them for playback. HEVC is used by developers as it supports a multitude of different file formats. This Windows Extension is designed to take advantage […]

Read More →

Treck TCP/IP is a high-performance TCP/IP protocol suite designed for embedded systems. A set of 19 critical and high-severity security vulnerabilities have been discovered by Israeli security research firm JSOF in a low-level TCP/IP software library developed by Treck. Dubbed “Ripple20“, affecting hundreds of millions of internet of things (IoT) and industrial control devices. If […]

Read More →