Ivanti Patches Critical Flaws in Connect Secure, Cloud Services Application

December 11, 2024 at 06:19AM Ivanti announced patches for 11 vulnerabilities, including five critical-severity bugs affecting Cloud Services Application, Connect Secure, and Policy Secure. Notably, CVE-2024-11639, with a CVSS score of 10, allows authentication bypass. Users are urged to update their systems. No evidence of exploitation has been reported. ### Meeting Takeaways 1. **Ivanti Vulnerability … Read more

QNAP and Veritas dump 30-plus vulns over the weekend

November 26, 2024 at 05:33AM QNAP addressed 24 vulnerabilities in its products, with two critical and nine high-severity flaws identified. The most affected was the Notes Station 3 app. Meanwhile, Veritas disclosed seven critical vulnerabilities in its Enterprise Vault software, with patches expected long-term, raising concerns about security management and response efficiency. ### Meeting Takeaways … Read more

Patch Tuesday: Critical Flaws in Adobe Commerce, Photoshop, InDesign, Illustrator

November 12, 2024 at 01:04PM Adobe has released patches for critical vulnerabilities in several products, including Adobe Commerce and Magento Open Source, as part of its Patch Tuesday updates. This addresses significant security flaws to enhance user protection in applications like Photoshop, InDesign, and Illustrator. **Meeting Takeaways:** 1. Adobe has released patches addressing critical-severity bugs. … Read more

Cisco Patches Critical Vulnerabilities in Secure Email Gateway, SSM

July 18, 2024 at 07:45AM Cisco announced software updates for around a dozen vulnerabilities, which included critical-severity bugs in Secure Email Gateway and Smart Software Manager On-Prem. The flaws could allow an attacker to execute arbitrary code, initiate denial-of-service conditions, or access the web UI with compromised user privileges. Cisco also addressed high-severity vulnerabilities in … Read more