497 Results
- Other Content
Apache Kylin Command Injection Vulnerability
A command injection vulnerability exists within Apache Kylin. For a complete description of the vulnerabilities and affected systems go to Apache Kylin CVE-2022-24697.
Vulnerability in Aruba Networks InstantOS
A classic buffer overflow vulnerability exists within Aruba Networks InstantOS 8.10.0.1. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user.
PoC Code Published for High-Severity macOS Sandbox Escape Vulnerability
Tracked as CVE-2022-26696 (CVSS score of 7.8), the security defect was identified and reported last year, with a patch available since the release of macOS Monterey 12.4 in May. Apple notes that the flaw allowed a sandboxed process to circumvent sandbox restrictions, and that improved environment sanitization resolved the issue.
Trend Micro Apex One for SaaS Improper Authentication Vulnerability
An improper authentication vulnerability exists within Trend Micro Apex One for SaaS. Successful exploitation of this vulnerability could allow an attacker to bypass the product’s login authentication by falsifying request parameters on affected installations. For a complete description of the vulnerabilities and affected systems go to Trend Micro Security Bulletin September 2022.
Vulnerability within Moodle 4.0.2.
Mandiant reveals a vulnerability within Moodle 4.0.2: a remote code execution risk when restoring backup files originating from Moodle 1.9. For a complete description of the vulnerabilities and affected systems go to Moodle Security Announcement.
IBM InfoSphere Information Server on Cloud 11.7 Command Injection Vulnerability
IBM released a patch to address a vulnerability in the IBM InfoSphere Information Server on Cloud 11.7. IBM InfoSphere DataStage 11.7 is vulnerable to command injection due to improper neutralization of special elements. For a complete description of the vulnerabilities and affected systems go to IBM Security Bulletin.
Malware is Targeting VMware vSphere
VMware has released guidance on protecting vSphere from specialized malware. Specialized malware is being used to exploit and gain persistent access to instances of ESXi. For a complete description of the vulnerabilities and affected systems go to Protecting vSphere From Specialized Malware.
Google Released Chrome 106.0.5249.61 for Mac/Linux and 106.0.5249.61/62 for Windows
Google released Chrome 106.0.5249.61 for Mac/Linux and 106.0.5249.61/62 for Windows. A remote attacker could exploit this vulnerability to take control of an affected system. For a complete description of the vulnerabilities and affected systems go to Chrome Release Note.
Apple Patches Zero-Day Vulnerability That is Being Actively Exploited in the Wild
Apple releases security updates to address multiple vulnerabilities in iOS and macOS, including a zero-day flaw that is being actively exploited in the wild. An attacker could exploit some of these vulnerabilities to take control of an affected device. For a complete description of the vulnerabilities and affected systems go to Apple Security Updates.
Zero-Day Flaw in WPGateway is Being Actively Exploited in the Wild
A zero-day flaw in the latest version of a WordPress premium plugin known as WPGateway is being actively exploited in the wild. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website. For a complete description of the vulnerabilities and affected systems go to Over 280,000 WordPress Sites Attacked.