Vulnerabilities Identified in UEFI Firmware Code Used by the World's Largest Device Makers
Nearly two dozen vulnerabilities have been identified in UEFI firmware code used by the world's largest device makers. This vulnerability allows a remote attacker to perform arbitrary code execution with elevated privileges.
Critical Vulnerability in the WordPress Essential Addons for Elementor Plugin
WordPress announced a security update to address a critical vulnerability in the Essential Addons for Elementor plugin. This vulnerability allows any user to perform a local file inclusion attack. The attack could then lead to remote code execution.
Vulnerabilities in Multiple Versions of Samba
The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. A remote attacker could exploit this vulnerability to take control of an affected system. For a complete description of the vulnerabilities and affected systems, visit Samba Security Releases.
Critical Code Injection Vulnerability Exists within H2 Database H2 2.0.202
A critical code injection vulnerability exists within H2 Database H2 2.0.202. A remote attacker could exploit this vulnerability to execute arbitrary code. For a complete description of the vulnerabilities and affected systems, visit CVE-2022-23221 Detail.
Vulnerabilities in Multiple Xerox Products
Xerox has released security updates to address vulnerabilities in multiple products. The critical-severity issue can be triggered to at least partially brick a vulnerable device by causing a denial of service (DoS) condition in which the printer asks for a reboot. The error is triggered again immediately after rebooting, in a continuous loop.
Vulnerabilities in Multiple Apple Products
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit this vulnerability to take control of an affected system. For a complete description of the vulnerabilities and affected systems, visit Apple Security Updates.
Let’s Encrypt Active Certificates were Mis-Issued - Revocation Begins Tomorrow
Let’s Encrypt active certificates were mis-issued. Revocation of the affected certificates will begin at 16:00 UTC on 28 January 2022. For a complete description of the vulnerabilities and affected systems, visit 2022.01.25 Issue with TLS-ALPN-01 Validation Method.
A vulnerability (CVE-2021-4034) in Polkit's Pkexec has been Weaponized in the Wild
A vulnerability (CVE-2021-4034) in Polkit's pkexec has been weaponized in the wild. This vulnerability is present in the default configuration of all major Linux distributions and can be exploited to gain full root privileges on the system.
Cisco Releases Critical-risk Vulnerability within Cisco RCM for Cisco StarOS Software
Cisco has released security updates to address a critical-risk vulnerability that was detected within Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS Software. A remote attacker could exploit these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and affected systems, visit Cisco Security Advisory.
F5 Releases Security Advisory to Address Vulnerabilities Affecting Multiple Products
F5 has released a security advisory to address High, Medium, and Low vulnerabilities affecting multiple products. A remote attacker could exploit these vulnerabilities to either deny service to, or take control of, an affected system. For a complete description of the vulnerabilities and affected systems, visit F5 security advisory.