privileges
-
A critical vulnerability identified as CVE-2024–53614 has been discovered in the Thinkware Cloud APK version 4.3.46.
-
A critical use-after-free vulnerability called CVE-2024-38193 is found in the Windows driver afd.sys. It affects the Registered I/O (RIO) extension for Windows sockets and lets attachers take over the whole system remotely. The August 2024 Patch Tuesday update has addressed the vulnerability.
-
Several vulnerabilities affecting MediaTek processors have been identified, potentially allowing attackers to escalate privileges on affected devices.
-
A critical vulnerability in Microsoft’s Active Directory Certificate Services (AD CS) that could allow attackers to escalate privileges and potentially gain domain admin access.
-
A new vulnerability has been discovered in Windows 11, specifically affecting the 23H2 version. This vulnerability is identified in the ksthunk.sys driver, allows attackers to exploit an integer overflow in the CKSAutomationThunk::ThunkEnableEventIrp function to escalate their privileges on the system. Technical Details The flaw was highlighted during the TyphoonPWN 2024 event, where an independent security researcher successfully demonstrated an…
-
Protect Websites & APIs from Malware Attack Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.
-
A critical security flaw in Windows 11 has been discovered, allowing attackers to gain elevated system privileges through an integer overflow vulnerability.
-
GitLab, a widely used platform for DevOps lifecycle management, has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE).
-
A high-severity vulnerability has been disclosed recently on November 26, 2024 by NVIDIA affecting its UFM Enterprise, UFM Appliance, and UFM CyberAI products.
-
Several high-severity vulnerabilities have been identified in Android and Google Pixel devices, exposing millions of users to potential security risks. These flaws, categorized under various CVEs (Common Vulnerabilities and Exposures), range from privilege escalation to data theft and unauthorized access to sensitive features. While some of these vulnerabilities have been patched, others remain a concern,…
-
Seven critical vulnerabilities affecting Android and Google Pixel devices were recently uncovered during a recent analysis of mobile applications.
-
Protect Websites & APIs from Malware Attack Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.
-
CVE-2024-10217Allows an attacker who performs an XSS attack to manipulate the system with user privileges.
-
Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could allow attackers with minimal privileges to escalate their access and take full control over the APIM service. These vulnerabilities were reported to Microsoft, leading to some fixes. However, certain issues remain unresolved, exposing many users unless they manually disable legacy API…
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about critical vulnerabilities identified in PTZOptics PT30X-SDI/NDI cameras.
-
Recent security bulletins have disclosed high-severity vulnerabilities in MediaTek smartphone chipsets, which could enable attackers to escalate privileges and gain unauthorized access to the affected devices.
-
In its recent MediaTek Product Security Bulletin, the chipmaker disclosed two high-severity security vulnerabilities that affect multiple devices, including smartphones, tablets, AIoT (Artificial Intelligence of Things), smart displays, and more.
-
A critical security vulnerability has been discovered in IBM’s Flexible Service Processor (FSP), potentially allowing unauthorized network users to gain service privileges.
-
A critical security vulnerability has been identified in the Common Log File System (CLFS) driver of Windows 11, allowing local users to gain elevated privileges.
-
SailPoint Technologies today added a bevy of capabilities that makes it possible for organizations to manage identities on a more granular level.