let
-
Apple created a Virtual Research Environment to allow public access to testing the security of its Private Cloud Compute system, and released the source code for some “key components” to help researchers analyze the privacy and safety features on the architecture.
-
Multiple Xerox printer models have been found to have a severe security vulnerability, which allows attackers with administrative access to completely take control of the devices.
-
Google has announced it will soon allow organizations to create their own curated “Enterprise Web Store” of company-sanctioned browser extensions for Chrome and ChromeOS, aimed at improving productivity, security, and management for businesses.
-
A serious security vulnerability has been discovered in Red Hat’s NetworkManager-libreswan plugin that could allow local attackers to escalate privileges and gain root access to Linux systems. The flaw tracked as CVE-2024-9050 has received a CVSS base score of 7.8, indicating its high severity.
-
Mallox Ransomware Flaw Lets Victims Recover Files Without Ransom Payment. Previously known as TargetCompany, ransomware has undergone several evolutionary changes since its initial appearance.
-
A critical vulnerability has been identified in the OneDev DevOps platform, posing significant security risks to organizations relying on this tool for their software development and deployment processes.
-
Researchers discovered vulnerabilities in the Chromium web browser that allowed malicious extensions to escape the sandbox and execute arbitrary code on the user’s system.
-
Broadcom has released critical security updates to address severe vulnerabilities in VMware vCenter Server that could allow attackers to execute remote code and escalate privileges.
-
WebRTC (Web Real-Time Communication) is an open-source project that facilitates real-time audio, video, and data sharing directly between web browsers and mobile applications without the need for plugins.
-
Cisco has disclosed multiple vulnerabilities affecting its ATA 190 Series Analog Telephone Adapter firmware, posing significant user risks.
-
A critical security flaw in SAP NetWeaver AS Java has been uncovered, potentially allowing attackers to upload malicious files and execute unauthorized commands.
-
Trend Micro has issued an urgent security bulletin warning users of a critical vulnerability in its Cloud Edge appliance that could allow remote attackers to execute arbitrary code without authentication.
-
VMware has disclosed a critical security vulnerability in its HCX platform, a key component for hybrid cloud extension solutions.
-
The Kubernetes Security Response Committee has disclosed two critical vulnerabilities in the Kubernetes Image Builder that could allow attackers to gain root access to virtual machines (VMs).
-
A critical security vulnerability in Microsoft Dataverse has been discovered, allowing authorized attackers to elevate their privileges over a network.
-
A recently identified vulnerability in Ubuntu’s Authd, CVE-2024-9312, has raised significant security concerns.
-
Security researchers have uncovered critical vulnerabilities in several popular Netgear WiFi extender models that could allow attackers to execute malicious commands on affected devices.
-
Splunk has disclosed multiple vulnerabilities affecting its Enterprise product, which could allow attackers to execute remote code.
-
Splunk has released patches for several high-severity vulnerabilities in its Enterprise product that could allow attackers to execute remote code on affected systems. The vulnerabilities impact multiple versions of Splunk Enterprise and Splunk Cloud Platform.