An external threat landscape management platform company, Cyfirma last Friday issued a bulletin warning of a critical vulnerability affecting Windows systems that is currently being actively exploited in the wild....
A critical security flaw in a family of text editors GNU Emacs could be exploited by a remote adversary to perform arbitrary commands on the system. The flaw, tracked as...
Recently, security researcher Carlos Bello from the Offensive Team of Fluid Attacks revealed a high sensitive vulnerability in the Microweber content management system that allows an attacker to take control...
Security researcher Mohamed Ghannam (@_simo36) has published the exploit code for a vulnerability in the iOS kernel that could help an attacker execute arbitrary code with kernel privileges. Tracked as...
Google on Thursday shipped emergency patches to address a security vulnerability in its Chrome web browser, which it says is being actively exploited in the wild. Tracked as CVE-2022-4135, Google...
The maintainers of the RubyGems package manager have addressed a high-risk security vulnerability in the CGI class that could have been abused to launch HTTP response-splitting attacks. Security researcher Hiroshi...
Recently, Redhat issued a risk notice for the Linux Kernel local privilege escalation vulnerability, the vulnerability tracked as CVE-2022-3910 (CVSS score: 7.4). This flaw is a use-after-free bug that exists...
Networking equipment maker Zyxel has pushed security updates for a critical vulnerability affecting some of its router products that could enable an attacker to take control of the devices. “A...
The developers of the free and open-source forum software MyBB last week revealed three vulnerabilities patched in their products. MyBB is a free and open source, community-based forum software project...
Apache Solr developers informed users on Tuesday that the product is affected by an XML external entity injection (XXE) attack (CVE-2022-39135). The security researcher Andreas Hubold at CoreMedia GmbH has...
Veritas informed customers last week that it has patched a high vulnerability in its NetBackup product. NetBackup is powered by Cloud Scale Technology—Cloud Scale Technology is a new generation of...
On November 2, Cisco announced the release of patches for two vulnerabilities across its product portfolio, including high-severity defects in Cisco Email Security Appliance, Cisco Secure Email and Web Manager,...
Three newly discovered security vulnerabilities in Zoom can let the attacker run arbitrary code and escalate their privileges to root or SYSTEM users, according to the latest findings. The vulnerabilities...
Atlassian has rolled out fixes to remediate a critical security vulnerability affecting its Bitbucket Server and Data Center product. Tracked as CVE-2022-43781, the issue has been characterized as a command...
Billions of servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution are affected by two GRUB2 bootloader vulnerabilities that can be exploited to circumvent the secure...
Support Securityonline.info site. Thanks!
LNK Stomping (CVE-2024-38217): Microsoft Patches Years-Old Zero-Day Flaw
September 11, 2024
CISA Warns of Actively Exploited Adobe Flash Player Vulnerabilities
September 17, 2024
