Samba has released software updates to fix five vulnerabilities in multiple Samba software products. One of the fixed issues could allow Samba AD users to forge password change requests for any user.
The Microsoft June 2022 Security Updates includes patches and advisories for 55 vulnerabilities, three of those rated Critical severity.
GitLab has issued a security update to address a Critical vulnerability CVE-2022-1162 where static passwords were inadvertently set during OmniAuth-based registration.
Researchers discover Critical RCE 0-day “Log4Shell” vulnerability (CVE-2021-44228) in Apache Log4j logging utility (update)
Researchers have discovered a Critical 0-day vulnerability (CVE-2021-44228) in Apache Log4j logging utility that can result in remote code execution (RCE). In addition, CISA and Microsoft also issue new guidance for log4j vulnerability remediation.
Samba has released software updates to fix two High severity security vulnerabilities (CVE-2020-27840 and CVE-2021-20277) that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
Samba has released a software update and patches for two security vulnerabilities (CVE-2020-170704 and CVE-2020-170700) that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
Cisco has patched a critical vulnerability CVE-2019-16028 in the web-based management interface of Cisco Firepower Management Center (FMC). An unauthenticated, remote attacker could bypass authentication and execute arbitrary code on impacted FMC devices.
Cisco released an updated security advisory warning of active scanning activity for a highly critical remote code execution (RCE) vulnerability in the web-based VPN management interface of Cisco RV110W, RV130W, and RV215W Routers.