Vulnerabilities & Exploits Archives - Page 18 of 106

Cisco issues Critical security updates for Spring Framework vulnerability

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 14, 2022 / Cisco, CVE-2022-22965, Spring, Spring4Shell, VMware

Cisco has issued an updated Critical security advisory for a Spring Framework vulnerability CVE-2022-22965 that affects multiple Cisco products. The networking giant also released a security update for a Critical LAN wireless controller vulnerability.

Cisco issues Critical security updates for Spring Framework vulnerability Read More »

CISA adds Critical VMware Workspace ONE Access and Identity Manager vulnerability to Catalog of exploited vulnerabilities

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / April 14, 2022 / CISA, CVE-2022-22954, Exploit, VMware, Workspace ONE

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical VMware Workspace ONE Access and Identity Manager vulnerability to its Known Exploited Vulnerabilities Catalog. VMware also confirmed known exploits in the wild have been detected for CVE-2022-22954.

CISA adds Critical VMware Workspace ONE Access and Identity Manager vulnerability to Catalog of exploited vulnerabilities Read More »

VMware releases Critical security updates (updated with known exploits for CVE-2022-22954)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 14, 2022 / CVE-2022-22954, CVE-2022-22955, CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, Identity Manager, VMware, vRealize, Workspace, Workspace ONE

VMware has released Critical updates for VMware Workspace ONE Access, Identity Manager and vRealize that address multiple vulnerabilities. VMware also updated the advisory to confirm there is known exploits in the wild for one of those vulnerabilities CVE-2022-22954.

VMware releases Critical security updates (updated with known exploits for CVE-2022-22954) Read More »

Juniper patches multiple vulnerabilities in Junos OS and other products (April 2022)

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 14, 2022 / Jun OS, Juniper, Networking

Juniper Networks has released security advisories to fix many vulnerabilities on Junos OS and multiple other products.

Juniper patches multiple vulnerabilities in Junos OS and other products (April 2022) Read More »

Apache patches Struts 2 RCE vulnerability (CVE-2021-31805)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 13, 2022 / Apache, CVE-2021-31805, OGNL, Struts 2

The Apache Software Foundation has patched a Struts 2 vulnerability CVE-2021-31805 that may lead to remote code execution.

Apache patches Struts 2 RCE vulnerability (CVE-2021-31805) Read More »

Adobe has released security updates for Adobe Acrobat and Reader, Photoshop, Commerce and After Effects

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 12, 2022 / Acrobat, Adobe, After Effects, Commerce, Photoshop

Adobe has released security updates for Adobe Acrobat and Reader, Photoshop, Commerce and After Effects.

Adobe has released security updates for Adobe Acrobat and Reader, Photoshop, Commerce and After Effects Read More »

Microsoft April 2022 Security Updates addresses 117 vulnerabilities (to include 2 zero-days)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / April 12, 2022 / CVE-2022-22008, CVE-2022-23257, CVE-2022-23259, CVE-2022-24491, CVE-2022-24497, CVE-2022-24500, CVE-2022-24521, CVE-2022-24537, CVE-2022-24541, CVE-2022-26809, CVE-2022-26904, CVE-2022-26919, Zero-day

The Microsoft April 2022 Security Updates includes patches and advisories for 117 vulnerabilities, ten of those rated Critical and two zero-day flaws.

Microsoft April 2022 Security Updates addresses 117 vulnerabilities (to include 2 zero-days) Read More »

Google releases Chrome 100 security update (100.0.4896.88) with fixes for 11 vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 12, 2022 / Chrome, Chrome 100, CVE-2022-1305, CVE-2022-1306, CVE-2022-1307, CVE-2022-1308, CVE-2022-1309, CVE-2022-1310, CVE-2022-1311, CVE-2022-1312

Google has released Chrome 100.0.4896.88 for Windows, Mac and Linux with fixes for 11 vulnerabilities, 8 rated High severity.

Google releases Chrome 100 security update (100.0.4896.88) with fixes for 11 vulnerabilities Read More »

cyber security, information security, data privacy-3400657.jpg

CISA adds Critical WatchGuard and Microsoft AD flaws to Catalog of exploited vulnerabilities

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / April 11, 2022 / Active Directory, CVE-2017-11317, CVE-2020-2509, CVE-2021-22600, CVE-2021-27852, CVE-2021-39793, CVE-2021-42278, CVE-2021-42287, CVE-2022-23176, Firebox, Microsoft, QNAP, WatchGuard, XTM

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical WatchGuard and two Microsoft Active Directory flaws, along with five other vulnerabilities to its Known Exploited Vulnerabilities Catalog.

CISA adds Critical WatchGuard and Microsoft AD flaws to Catalog of exploited vulnerabilities Read More »

Threat actors exploit Spring4Shell to weaponize and execute Mirai botnet

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / Frank Crast / April 8, 2022 / botnet, CVE-2022-22963, CVE-2022-22965, Mirai, Spring, Spring Framework, Spring4Shell

Researchers from Trend Micro have spotted threat actors exploiting the Spring4Shell vulnerability CVE-2022-22965 to weaponize and execute Mirai botnet.

Threat actors exploit Spring4Shell to weaponize and execute Mirai botnet Read More »