Open and composable observability and data visualization platform Grafana received an emergency update today to fix a high-severity, zero-day vulnerability that allows an attacker to elevate privileges from Editor to Admin. Tracked as CVE-2022-31097,...
The Apache Fineract project patched the high-severity security vulnerability in Apache Fineract that, if left unaddressed, could be exploited to gain remote code execution (RCE) on affected installations. Apache Fineract is open-source software for...
A high-risk security vulnerability has been found in the open-source Prometheus systems and service monitoring system that could be exploited by an attacker to access systems and data. Prometheus, a Cloud Native Computing Foundation...
Recently, the ESET security team discovered a new high-risk vulnerability in Acer UEFI firmware which may allow changes to Secure Boot settings by creating NVRAM variables, and the exploit is relatively uncomplicated. This will...
An external threat landscape management platform company, Cyfirma last Friday issued a bulletin warning of a critical vulnerability affecting Windows systems that is currently being actively exploited in the wild. The flaw, tracked as...
A critical security flaw in a family of text editors GNU Emacs could be exploited by a remote adversary to perform arbitrary commands on the system. The flaw, tracked as CVE-2022-45939 affects GNU Emacs...
Earlier we mentioned that researchers found that Intel and ARM processors are still affected by speculative execution-related vulnerabilities. These vulnerabilities are mainly Spectre and Meltdown series, and the industry was actively responding to them...
Recently, security researcher Carlos Bello from the Offensive Team of Fluid Attacks revealed a high sensitive vulnerability in the Microweber content management system that allows an attacker to take control of the administration account....
Google on Thursday shipped emergency patches to address a security vulnerability in its Chrome web browser, which it says is being actively exploited in the wild. Tracked as CVE-2022-4135, Google described the high-severity flaw...
Security researcher Mohamed Ghannam (@_simo36) has published the exploit code for a vulnerability in the iOS kernel that could help an attacker execute arbitrary code with kernel privileges. Tracked as CVE-2022-32898 (CVSS score of...
