Exploits and vulnerabilities – Page 18 – Computer Security Articles

Update now! Proof of concept code to be released for Zoho ManageEngine vulnerability

January 17, 2023 admin apache santuario, cve-2022-35405, cve-2022-47966, Exploits and vulnerabilities, manageengine, news, poc, RCE, saml, zoho

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zoho

Tags: ManageEngine

Tags: PoC

Tags: RCE

Tags: CVE-2022-47966

Tags: CVE-2022-35405

Tags: SAML

Tags: Apache Santuario

Proof of Concept code is about to be released for a vulnerability in many ManageEngine products which could enable RCE with SYSTEM privileges.

MalwareBytes Security

Update now! Patch Tuesday January 2023 includes one actively exploited vulnerability

January 12, 2023 admin aplc, bitlocker, cve-2023-21563, cve-2023-21674, cve-2023-21743, Exploits and vulnerabilities, news, Patch Tuesday, Sharepoint

Categories: Exploits and vulnerabilities

Categories: News

Tags: patch Tuesday

Tags: CVE-2023-21674

Tags: APLC

Tags: CVE-2023-21743

Tags: Sharepoint

Tags: CVE-2023-21563

Tags: BitLocker

The second Tuesday of the year brings us many updates, including one for an actively exploited vulnerability that could lead to elevation of privileges

MalwareBytes Security

Update VPN Plus Server now! Synology patches vulnerability with a CVSS of 10

January 4, 2023 admin cve-2022-43931, Exploits and vulnerabilities, news, out-of-bounds write, synology, vpl plus server

Categories: Exploits and vulnerabilities

Categories: News

Tags: Synology

Tags: VPL Plus Server

Tags: CVE-2022-43931

Tags: out-of-bounds write

Synology has patched a critical vulnerability in the Remote Desktop feature of VPN Plus Server

MalwareBytes Security

4 over-hyped security vulnerabilities of 2022

December 19, 2022 admin cve-2022-22963, cve-2022-22965, cve-2022-27492, cve-2022-34718, cve-2022-36934, Exploits and vulnerabilities, log4j, news, OpenSSL, spring4shell, wormable, Zero-Day

Categories: Exploits and vulnerabilities

Categories: News

Tags: wormable

Tags: zero-day

Tags: spring4shell

Tags: cve-2022-34718

Tags: log4j

Tags: openssl

Tags: cve-2022-36934

Tags: cve-2022-27492

Tags: cve-2022-22965

Tags: cve-2022-22963

What does it take to make the discussion of vulnerabilities useful? And where did this go wrong in 2022?

(Read more…)

The post 4 over-hyped security vulnerabilities of 2022 appeared first on Malwarebytes Labs.

MalwareBytes Security

Update now! Apple patches active exploit vulnerability for iPhones

December 16, 2022 admin apple, cve-2022-42856, Exploits and vulnerabilities, ios 16.1.2, news, safari 16.2, Type Confusion

Categories: Exploits and vulnerabilities

Categories: News

Tags: Apple

Tags: iOS 16.1.2

Tags: Safari 16.2

Tags: CVE-2022-42856

Tags: type confusion

Apple has released new security content for iOS 16.1.2 and Safari 16.2. to fix a zero-day security vulnerability that was actively exploited

MalwareBytes Security

Update now! Two zero-days fixed in 2022’s last patch Tuesday

December 14, 2022 admin Android, apple, Cisco, Citrix, cve-2022-41076, cve-2022-44670, cve-2022-44676, cve-2022-44698, cve-2022-44710, Exploits and vulnerabilities, fortinet, google, microsoft, motw, Mozilla, news, Patch Tuesday, race condition, remote powershell, SAP

Categories: Exploits and vulnerabilities

Categories: News

Tags: patch Tuesday

Tags: Microsoft

Tags: Android

Tags: Apple

Tags: Mozilla

Tags: Google

Tags: Sap

Tags: Citrix

Tags: Fortinet

Tags: Cisco

Tags: CVE-2022-44698

Tags: MotW

Tags: CVE-2022-44710

Tags: race condition

Tags: CVE-2022-44670

Tags: CVE-2022-44676

Tags: CVE-2022-41076

Tags: remote powershell

The last patch Tuesday of 2022 is here—find out what Microsoft and many others have fixed

MalwareBytes Security

Update now! NetGear routers’ default configuration allows remote attacks

December 8, 2022 admin Exploits and vulnerabilities, ipv6, Netgear, news, nighthawk, ports, remote

Categories: Exploits and vulnerabilities

Categories: News

Tags: NetGear

Tags: Nighthawk

Tags: remote

Tags: ports

Tags: IPv6

NetGear has issued a hotfix that has to be installed manually, after researchers found a vulnerability that could allow remote attacks.

MalwareBytes Security

Update now! Google patches Android vulnerability that allows remote code execution over Bluetooth

December 8, 2022 admin Android, Exploits and vulnerabilities, news

Categories: Android

Categories: Exploits and vulnerabilities

Categories: News

Google has issued its December round of patches, which includes a fix for a critical vulnerability that allows RCE over Bluetooth