Vulnerabilities Archives

SECURITYWEEK NETWORK:

Security Experts:

Hi, what are you looking for?

Vulnerabilities

Chrome 110 Patches 15 Vulnerabilities

The first stable release of Chrome 110 brings 15 security fixes, including 10 for externally reported vulnerabilities.

Ionut Arghire13 hours ago

Ransomware

CISA Releases Open Source Recovery Tool for ESXiArgs Ransomware

It may be possible to recover some virtual machines impacted by the ESXiArgs ransomware and CISA has released a tool for the task.

Eduard Kovacs16 hours ago

Vulnerabilities

OpenSSL Ships Patch for High-Severity Flaws

The most serious of the vulnerabilities may allow an attacker to read memory contents or launch denial-of-service exploits.

Ryan Naraine1 day ago

Vulnerabilities

Vulnerability Provided Access to Toyota Supplier Management Network

Security researcher finds severe vulnerability providing system admin access to Toyota’s global supplier management network.

Ionut Arghire2 days ago

Vulnerabilities

Patch Released for Actively Exploited GoAnywhere MFT Zero-Day

A patch has been released for the GoAnywhere MFT zero-day vulnerability that has been exploited in attacks.

Eduard Kovacs2 days ago

Ransomware

VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks

ESXiArgs ransomware attacks continue, with thousands of unpatched ESXi servers compromised within a few days via CVE-2021-21974.

Eduard Kovacs2 days ago

Vulnerabilities

BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws

The latest BIND updates patch multiple remotely exploitable vulnerabilities that could lead to denial-of-service (DoS).

Ionut ArghireJanuary 27, 2023

Email Security

Microsoft Urges Customers to Patch Exchange Servers

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Ionut ArghireJanuary 27, 2023

Vulnerabilities

Security Update for Chrome 109 Patches 6 Vulnerabilities

Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.

Eduard KovacsJanuary 25, 2023

Cloud Security

VMware Plugs Critical Code Execution Flaws

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Ryan NaraineJanuary 24, 2023

Apple patches exploited vulnerability in old iPhones

Mobile & Wireless

Apple Patches Exploited iOS Vulnerability in Old iPhones

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Eduard KovacsJanuary 24, 2023

Mobile & Wireless

Arm Vulnerability Leads to Code Execution, Root on Pixel 6 Phones

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Ionut ArghireJanuary 24, 2023

Vulnerabilities

Attacks Targeting Realtek SDK Vulnerability Ramping Up

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Ionut ArghireJanuary 24, 2023

Mobile & Wireless

Apple Patches WebKit Code Execution in iPhones, MacBooks

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Ryan NaraineJanuary 23, 2023

Mobile & Wireless

Samsung Galaxy Store Flaws Can Lead to Unwanted App Installations, Code Execution

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Ionut ArghireJanuary 23, 2023

Vulnerabilities

Critical Vulnerabilities Patched in OpenText Enterprise Content Management System

Several vulnerabilities have been patched in OpenText’s enterprise content management (ECM) product.

Eduard KovacsJanuary 20, 2023

Vulnerabilities

In-the-Wild Exploitation of Recent ManageEngine Vulnerability Commences

Organizations are being compromised in attacks exploiting a recently patched Zoho ManageEngine vulnerability.

Ionut ArghireJanuary 20, 2023

Application Security

Drupal Patches Vulnerabilities Leading to Information Disclosure

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Ionut ArghireJanuary 20, 2023

Page 3 of 558‹ Previous 1 234 5 6 7 Next ›Last »

SECURITYWEEK NETWORK:

Security Experts:

Vulnerabilities

Chrome 110 Patches 15 Vulnerabilities

Ransomware

CISA Releases Open Source Recovery Tool for ESXiArgs Ransomware

Vulnerabilities

OpenSSL Ships Patch for High-Severity Flaws

Vulnerabilities

Vulnerability Provided Access to Toyota Supplier Management Network

Vulnerabilities

Patch Released for Actively Exploited GoAnywhere MFT Zero-Day

Ransomware

VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks

Vulnerabilities

BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws

Email Security

Microsoft Urges Customers to Patch Exchange Servers

Vulnerabilities

Security Update for Chrome 109 Patches 6 Vulnerabilities

Cloud Security

VMware Plugs Critical Code Execution Flaws

Mobile & Wireless

Apple Patches Exploited iOS Vulnerability in Old iPhones

Mobile & Wireless

Arm Vulnerability Leads to Code Execution, Root on Pixel 6 Phones

Vulnerabilities

Attacks Targeting Realtek SDK Vulnerability Ramping Up

Mobile & Wireless

Apple Patches WebKit Code Execution in iPhones, MacBooks

Mobile & Wireless

Samsung Galaxy Store Flaws Can Lead to Unwanted App Installations, Code Execution

Vulnerabilities

Critical Vulnerabilities Patched in OpenText Enterprise Content Management System

Vulnerabilities

In-the-Wild Exploitation of Recent ManageEngine Vulnerability Commences

Application Security

Drupal Patches Vulnerabilities Leading to Information Disclosure

Featured

Cybercrime

UN Experts: North Korean Hackers Stole Record Virtual Assets

Funding/M&A

SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022

Cyberwarfare

US Downs Chinese Balloon Off Carolina Coast

Nation-State

Microsoft: Iran Unit Behind Charlie Hebdo Hack-and-Leak Op

Cybersecurity Funding

Cyber Insights 2023: Venture Capital

Vulnerabilities

Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication

Vulnerabilities

GoAnywhere MFT Users Warned of Zero-Day Exploit

Latest News

Cybercrime

Minister: Cybercrimes Now 20% of Spain’s Registered Offenses

Funding/M&A

Skybox Security Raises $50M, Hires New CEO

Cyberwarfare

Spies, Hackers, Informants: How China Snoops on the US

Cybercrime

Australian Man Sentenced for Scam Related to Optus Hack

Application Security

Application Security Protection for the Masses

Privacy

Tor Network Under DDoS Pressure for 7 Months

ICS/OT

Siemens License Manager Vulnerabilities Allow ICS Hacking