by CIRT Team
by CIRT Team
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe products, themost severe of which could allow for Arbitrary Code Execution. * Premiere Rush is a video editor.* Illustrator is a vector graphics editor and design program.* Photoshop is a graphics editor.* Adobe After Effects is a digital visual effects, motion graphics, andcompositing application.* Creative Cloud is a cloud service provided by Adobe where its softwarecan be accessed...
Read More
by CIRT Team
Critical Patches Issued for Microsoft Products, February 08, 2022
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for remote code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted...
Read More
by CIRT Team
A Vulnerability in Samba Could Allow for Arbitrary Code Execution
DESCRIPTION:A vulnerability has been discovered in Samba which could allow forarbitrary code execution. Samba is the standard Windows interoperabilitysuite of programs for Linux and Unix. Successful exploitation of thisvulnerability could result in arbitrary code execution as root onaffected Samba installations that use the VFS module vfs_fruit.Depending on the permission associated with the application running theexploit, an attacker could then install programs; view, change, ordelete data....
Read More
by CIRT Team
A Backdoor in WordPress AccessPress Plugins and Themes Could Allow an Attacker Access to a Targeted Website
DESCRIPTION:A backdoor has been discovered in WordPress AccessPress plugins andthemes, which could allow an attacker access to a targeted website.AccessPress plugins and themes are used to provide website functionalityand design options to website administrators. Successful exploitation ofthis backdoor could allow an attacker to redirect users to malicioussites as well as access to the vulnerable website. SYSTEM AFFECTED:* accesspress-anonymous-post 2.8.0* accesspress-custom-css 2.0.1* ** accesspress-custom-post-type 1.0.8* accesspress-facebook-auto-post...
Read More
by CIRT Team
Multiple Vulnerabilities in Cisco Products Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco Products, themost severe of which could allow for arbitrary code execution.Successful exploitation of the most severe of these vulnerabilitiescould allow an unauthenticated, remote attacker to execute code on theaffected systems. Depending on the privileges associated with thetargeted user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Usersconfigured to...
Read More
by CIRT Team
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this...
Read More
by CIRT Team
Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. * iOS is a mobile operating system for mobile devices, including the iPhone, iPad, and iPod touch.* iPadOS is the successor to iOS 12 and is a mobile operating system for iPads.* macOS Monterey is the 18th and current major release of macOS.* macOS Big Sur...
Read More
by CIRT Team
Multiple Vulnerabilities in SonicWall SMA 100 Series Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities in SonicWall SMA 100 Series could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution. The SonicWall SMA 100 Series is a unified secure access gateway that enables organizations to provide access to any application, anytime, from anywhere, and any devices, including managed and unmanaged. Depending on the privileges associated with the application, an attacker could...
Read More
by CIRT Team
A Vulnerability in Polkit’s pkexec Component Could Allow For Local Privilege Escalation
DESCRIPTION:A vulnerability in Polkit’s pkexec component could allow for localprivilege escalation. Polkit (formerly PolicyKit) is a component forcontrolling system-wide privileges in Unix-like operating systems. Itprovides an organized way for non-privileged processes to communicatewith privileged ones. Polkit is installed by default on all major Linuxdistributions. Successful exploitation of this vulnerability couldresult in privilege escalation to root privileges. IMPACT:A vulnerability in Polkit ‘s pkexec component could allow...
Read More