September 17, 2024 at 01:15AM SolarWinds released fixes for two security flaws in its Access Rights Manager (ARM) software. The critical vulnerability (CVE-2024-28991) with a 9.0 CVSS score allows remote code execution. A medium-severity flaw (CVE-2024-28990) was also addressed. Security researcher Piotr Bazydlo discovered the flaws, and updates to ARM version 2024.3.1 are recommended to … Read more
July 19, 2024 at 04:33AM SolarWinds has addressed critical security flaws in its Access Rights Manager (ARM) software, including 11 vulnerabilities and their severity ratings. These flaws could allow attackers to access sensitive information and execute code with elevated privileges. The vulnerabilities have been fixed in version 2024.3 after responsible disclosure by the Trend Micro … Read more
July 18, 2024 at 11:57AM SolarWinds addressed critical vulnerabilities in its Access Rights Manager software, including RCE and directory traversal flaws. These flaws could allow unprivileged attackers to execute code, delete files, and obtain sensitive information. The company released version 2024.3 with security fixes. SolarWinds has yet to confirm if exploits for the flaws are … Read more
June 11, 2024 at 06:18AM Arm warns of CVE-2024-4610, a memory safety bug in Mali GPU kernel drivers exploited in the wild, potentially allowing local users improper GPU memory processing operations. The bug impacts Bifrost and Valhall drivers, was introduced in r34p0, and addressed in r41p0. Arm urges prompt device updates and notes past exploit … Read more
June 11, 2024 at 03:21AM Arm has warned of a security vulnerability in Mali GPU Kernel Driver, CVE-2024-4610, actively exploited in the wild. The issue affects certain products, allowing improper GPU memory processing operations for unauthorized access. The vulnerability has been addressed in Bifrost and Valhall GPU Kernel Driver r41p0, with reports of exploitation in … Read more