Security Advisories & Alerts


Critical Patches Issued for Microsoft Products, May 11, 2021

DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted...

Read More


Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this...

Read More


Multiple Vulnerabilities in Cisco SD-WAN vManage Software Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco SD-WAN vManageSoftware, the most severe of which could allow for arbitrary codeexecution. Cisco SD-WAN provides a centralized management interface ofan organization’s WAN including their cloud and data center environment.Successful exploitation of the most severe of these vulnerabilitiescould allow an unauthenticated, remote attacker to executeadministrative functions and obtain an admin account. An attacker couldthen view, change, or delete data;...

Read More


Multiple Vulnerabilities in Exim Could Allow for Remote Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Exim, the most severeof which could allow for remote code execution. Exim is a mail transferagent used to deploy mail servers on Unix-like systems. Successfulexploitation of the most severe of these vulnerabilities will enable theattacker to perform command execution as root in the context of the mailserver. An attacker could then install programs; view, change, or deletedata; or create...

Read More


Multiple Vulnerabilities in Cisco HyperFlex HX Software Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco HyperFlex HXsoftware, the most severe of which could allow for arbitrary codeexecution. The Cisco HyperFlex HX Series is Cisco’s a convergedinfrastructure system that integrates computing, networking and storageresources to increase efficiency and enable centralized management. Thisproduct contains a web-based interface which allows user can access tomanage the device. Successful exploitation of the most severe of thesevulnerabilities within the...

Read More


A Vulnerability in HPE Edgeline Infrastructure Manager Software Could Allow for Remote Code Execution

DESCRIPTION:A vulnerability has been discovered in HPE Edgeline InfrastructureManager Software that could allow for remote code execution. HPEEdgeline Infrastructure Manager Software was made to aggregate themanagement of Edgeline ComputeDevices. It is delivered as a VirtualMachine image (OVA) targeted at running on VMware ESXi, workstation,orplayer. Edgeline Infrastructure Manager supports discovery, monitoring,and management of EdgelineConverged Edge Systems. Successful exploitation of this vulnerability could result in remotecode execution...

Read More


Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged process....

Read More


Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. Details of these vulnerabilities are as follows: iOS 14.5.1 and iPadOS 14.5.1* A memory corruption issue was addressed with improved state management. (CVE-2021-30665)* An integer overflow was addressed with improved input validation. (CVE-2021-30663) iOS 12.5.3* A buffer overflow issue was addressed with improved memory handling. (CVE-2021-30666)*...

Read More


21Nails: Multiple Critical Vulnerabilities in Exim Mail Server

The Qualys Research Team has discovered multiple critical vulnerabilities in the Exim mail server, some of the which can be chained together to obtain full remote unauthenticated code execution and gain root privileges. The 21Nails vulnerabilities, if left unpatched, could allow threat actors to take over these systems and then intercept or tamper with email communications passing through the Exim server. 11 issues are local...

Read More


Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, themost severe of which could allow for arbitrary code execution. * iCloud for Windows is a cloud storage and cloud computing service.* Xcode is an integrated development environment (IDE) for macOS.* Safari is a graphical web browser developed by Apple, based on theWebKit engine.* macOS Big Sur is the 17th and current major release of macOS.* macOS...

Read More


Page 15 of 66« First...10...1314151617...203040...Last »