
RSS FEEDS

Multiple Vulnerabilities in SonicWall Secure Mobile Access Products

Monday, 13 December, 2021

SonicWall has addressed eight vulnerabilities rated critical and medium severity (CVSS 5.3-9.8) in SMA 100 series appliances, which include the SMA 200, 210, 400, 410 and 500v models. The majority of these vulnerabilities also affect WAF-enabled appliances.

Of the eight reported vulnerabilities, CVE-2021-20038, CVE-2021-20043 and CVE-2021-20045 are the most severe.

Critical Remote Code Execution Vulnerability (CVE-2021-44228) in Apache Log4j

Sunday, 12 December, 2021

December 15, 2021

The Summary section was updated to include more confirmed impacted products and remove non-vulnerable products.

The Recommendation section was modified to recommend updating to log4j 2.16.0 as a related vulnerability was discovered in 2.15.0.

The content of the Mitigation sub-section was modified, and two more related vulnerabilities’ mitigations were added.

Critical Vulnerability in Grafana product

Thursday, 9 December, 2021

Grafana Labs has released an emergency security update to patch the vulnerability CVE-2021-43798.

The Grafana dashboard is used for monitoring and aggregating network logs and other parameters.

This vulnerability is categorized as a path traversal: an attacker can use it to read files outside of Grafana's root folder.

An Authentication Bypass Vulnerability in ManageEngine ServiceDesk Plus and Desktop Central Product

Tuesday, 7 December, 2021

An authentication bypass vulnerability (CVE-2021-44515) in ManageEngine Desktop Central has been exploited in the wild. In addition, a patch has been released for CVE-2021-44526, another authentication bypass vulnerability, in ServiceDesk Plus (a help desk application and asset management tool).

An attacker could bypass authentication and execute arbitrary code on the Desktop Central server and in ServiceDesk Plus by exploiting the vulnerabilities mentioned above.

PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces

Thursday, 11 November, 2021

A memory corruption vulnerability exists in the Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue.

This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17.

According to Palo Alto Networks, Prisma Access customers are not impacted by this issue.

Microsoft Patch Tuesday - November 2021

Thursday, 11 November, 2021

Microsoft has released 55 security fixes for its software, including patches that resolve zero-day vulnerabilities actively exploited in the wild. The release includes fixes for six critical vulnerabilities, 15 remote code execution (RCE) bugs, information leaks, and elevation of privilege security flaws, as well as issues that could lead to spoofing and tampering.

Some notable vulnerabilities in this update are:

CVE-2021-42321 - Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-42292 - Microsoft Excel Security Feature Bypass Vulnerability

Adobe Critical Patch Update - October 2021

Tuesday, 2 November, 2021

Adobe has issued its security update for October 2021, which addresses 92 vulnerabilities in 14 products, with 66 classified as Critical.

Notable products patched in the October security update include Adobe After Effects, Animate, Audition, Bridge, Character Animator, Illustrator, InDesign, Lightroom Classic, Media Encoder, Photoshop, Prelude, Premiere Pro, Premiere Elements and the XMP Toolkit SDK.

The update fixes arbitrary code execution (ACE), privilege escalation, denial-of-service and memory leak/information disclosure issues.

Google Chrome Patch Update - October 2021

Monday, 1 November, 2021

As of October 2021, Google has updated Chrome to address high and critical vulnerabilities. The Stable channel has been updated to 95.0.4638.69 for Windows, Mac, and Linux. This update fixes two zero-day vulnerabilities tracked as CVE-2021-38000 and CVE-2021-38003.

As Google reports, the update will roll out over the coming days or weeks.

Microsoft Patch Tuesday - October 2021

Thursday, 14 October, 2021

Microsoft has released patches for 74 vulnerabilities (81 including Microsoft Edge), with three classified as Critical and seventy as Important, including four zero-days, one of which (CVE-2021-40449) is actively exploited in the wild.

Some notable vulnerabilities resolved in this update are:

CVE-2021-41335 - Windows Kernel Elevation of Privilege Vulnerability

CVE-2021-41338 - Windows App Container Firewall Rules Security Feature Bypass Vulnerability

CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability

Path traversal and file disclosure vulnerability in Apache HTTP Server

Thursday, 7 October, 2021

A path traversal and file disclosure vulnerability has been found in Apache HTTP Server version 2.4.49. The vulnerability is being exploited in the wild and is tracked as CVE-2021-41773.

The vulnerability was introduced by a change made to path normalization in version 2.4.49.

An attacker could exploit this weakness to gain access to arbitrary files outside of the document root, as well as leak the source code of interpreted files like CGI scripts that may contain sensitive information.

VMware vCenter Server updates address multiple security vulnerabilities

Tuesday, 5 October, 2021

VMware published a security advisory addressing 19 vulnerabilities impacting VMware vCenter Server (vCenter Server) and VMware Cloud Foundation (Cloud Foundation).

In addition, VMware has confirmed reports that CVE-2021-22005 is being exploited in the wild.

Microsoft Exchange Autodiscover protocol

Monday, 4 October, 2021

Autodiscover is a protocol used by Microsoft Exchange for automatic configuration of clients such as Microsoft Outlook.

It has a design flaw that causes the protocol to “leak” web requests to Autodiscover domains outside of the user’s domain but in the same TLD (e.g. Autodiscover.com).

This is a severe security issue: if an attacker controls such domains or is able to “sniff” traffic in the same network, they can capture domain credentials in plain text (HTTP basic authentication) as they are transferred over the wire.

An authentication bypass vulnerability in Zoho ManageEngine ADSelfService Plus

Wednesday, 29 September, 2021

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to a REST API authentication bypass that could result in remote code execution (RCE).

This vulnerability allows an attacker to gain unauthorized access to the product through REST API endpoints by sending a specially crafted request. This would allow the attacker to carry out subsequent attacks resulting in RCE.

Multiple Critical Vulnerabilities in Azure VM Management Extensions

Wednesday, 29 September, 2021

The vulnerabilities, which are collectively referred to as “OMIGOD,” are found within OMI agents that are installed on Microsoft’s Azure Linux virtual machines (VMs) by default.

An unauthenticated, remote attacker can exploit the vulnerability (CVE-2021-38647) by sending a specially crafted request to a vulnerable host over a publicly accessible remote management port (ports 5986, 5985 and 1270). Successful exploitation would grant an attacker the ability to execute arbitrary code with root privileges on the vulnerable Linux VM.

Multiple Critical and Important Vulnerabilities in Adobe Acrobat and Reader

Wednesday, 29 September, 2021

Adobe has released a security update to address multiple Critical and Important vulnerabilities in Adobe Acrobat and Reader, affecting both Windows and macOS. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Organizations are advised to apply patches as soon as possible, particularly patches for critical and important vulnerabilities.

Google Chrome Zero-Day Vulnerabilities

Wednesday, 29 September, 2021

In its September 2021 security update, Google issued fixes for 11 flaws in total, including two zero-day vulnerabilities that have already been exploited in the wild. The first, tracked as CVE-2021-30632, is described as an "out of bounds write in V8," an open-source JavaScript engine for Chrome. The second, tracked as CVE-2021-30633, is a use-after-free in the Indexed DB application programming interface (API).

Microsoft September 2021 Patch Tuesday

Wednesday, 29 September, 2021

Microsoft has released patches for 60 vulnerabilities (86 including Microsoft Edge), with 3 classified as Critical and 56 as Important, including 2 zero-days, one of which is actively exploited in the wild.

Some notable vulnerabilities resolved in this update are:

CVE-2021-40444 - Microsoft MSHTML Remote Code Execution Vulnerability

CVE-2021-36968 - Windows DNS Elevation of Privilege Vulnerability

Multiple CVEs - Windows Print Spooler Vulnerabilities

Cisco Enterprise NFV Infrastructure Software Authentication Bypass Vulnerability

Tuesday, 28 September, 2021

A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator.

This vulnerability is due to incomplete validation of user-supplied input that is passed to an authentication script. An attacker could exploit this vulnerability by injecting parameters into an authentication request.

Microsoft Exchange Information Disclosure Vulnerability

Tuesday, 31 August, 2021

An information disclosure vulnerability (CVE-2021-33766) in Microsoft Exchange Server could allow an unauthenticated attacker to access and steal emails from a target’s mailbox.

If exploited, it could reveal victims’ personal information, sensitive company data and more.

With this vulnerability, an unauthenticated attacker can perform configuration actions on mailboxes belonging to arbitrary users.

 
