October 20, 2023 at 04:34PM Eight critical vulnerabilities have been discovered in SolarWinds’ Access Rights Manager Tool, exposing unpatched systems to potential privilege escalation by attackers. The vulnerabilities range from allowing remote code execution to performing local privilege escalation. A new ARM version, 2023.2.1, has been released to fix the vulnerabilities, and SolarWinds clients are … Read more
October 20, 2023 at 11:06AM Researchers discovered three critical remote code execution vulnerabilities in SolarWinds Access Rights Manager (ARM), allowing attackers to run code with SYSTEM privileges. SolarWinds ARM helps organizations manage and audit user access rights. The vendor promptly released a patch in version 2023.2.1 of the system. The vulnerabilities’ severity ratings are all … Read more
October 18, 2023 at 08:48AM Oracle has released 387 new security patches as part of the October 2023 CPU. Over 40 patches address critical-severity flaws and more than 200 resolve bugs that can be remotely exploited. The patches cover various Oracle products, with Financial Services Applications receiving the most fixes. Oracle advises customers to apply … Read more