Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
1509 Results
Purported Actively Exploited Vulnerability in Trend Micro Consumer-Based Products
Trend Micro released a security update for a purported actively exploited vulnerability in its consumer-based products. Attackers are trying to hijack various popular security products, including one from Trend Micro. For a complete description of the vulnerabilities and affected systems SECURITY ADVISORY: Trend Micro Response to Moshen Dragon Abuse. IT Security
Chrome Version 102.0.5005.61 for Windows, Mac, and Linux Released
Google has released Chrome version 102.0.5005.61 for Windows, Mac, and Linux. An attacker could exploit these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and affected systems Chrome Release Note. IT Security Read more about IT Security service offerings.
High Vulnerabilities in Citrix ADC and Gateway
Citrix has released a security update to address High vulnerabilities in in ADC and Gateway. An attacker could exploit one of these vulnerabilities to cause a denial-of-service condition. For a complete description of the vulnerabilities and affected systems Citrix Security Update CTX457048. IT Security
Critical Vulnerabilities in Multiple Firefox Products
Mozilla has released security updates to address critical vulnerabilities in multiple firefox products. An attacker could exploit these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and affected systems Mozilla Foundation Security Advisories. IT Security
Zero-day vulnerabilities on Android Used for Cyber Surveillance Attacks
Google recommends using good hygiene to address campaigns targeting Google Products for cyber surveillance attacks. Exploitation of some of these vulnerabilities could allow a remote attacker to perform surveillance from the affected device. For a complete description of the vulnerabilities and affected systems googleapis / google-oauth-java-client.
High Vulnerability in Red Hat OpenShift GitOps
Red Hat released security updates to address a vulnerability in Red Hat OpenShift GitOps. A flaw was found in the ArgoCD component of Red Hat GitOps, where an unauthenticated attacker can craft a malicious JWT token while ArgoCD's anonymous access is enabled and gains full access to the ArgoCD instance. This flaw allows the attacker to impersonate any ArgoCD user or role, fully compromising the targeted cluster's confidentiality, integrity, and availability. For a complete description of the vulnerabilities and affected systems:
High Vulnerability in Google's OAuth Client Library for Java
Google has released a security update to address a High vulnerability in Google's OAuth Client Library for Java. This vulnerability could be exploited by a malicious actor with a compromised token to deploy arbitrary payloads. For a complete description of the vulnerabilities and affected systems googleapis / google-oauth-java-client. IT Security
Vulnerabilities in the Jupiter and JupiterX Premium WordPress Themes
WordPress released security updates to address vulnerabilities in the Jupiter and JupiterX Premium WordPress themes. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected website.
Vulnerabilities in the Jupiter and JupiterX Premium WordPress Themes
WordPress released security updates to address vulnerabilities in the Jupiter and JupiterX Premium WordPress themes. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected website.
High Vulnerability Affecting ISC Berkeley Internet Name Domain (BIND)
The Internet Systems Consortium (ISC) has released security updates to address a High vulnerability affecting ISC Berkeley Internet Name Domain (BIND). Exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition. For a complete description of the vulnerabilities and affected systems CVE-2022-1183: Destroying a TLS session early causes assertion failure.