Zyxel Patches Critical Vulnerabilities in Networking Devices

September 4, 2024 at 08:36AM Zyxel has released patches addressing critical vulnerabilities in their networking devices. The patches cover multiple access point and security router models, as well as firewall series devices. The vulnerabilities could allow remote attackers to execute arbitrary commands or cause a denial-of-service condition. Zyxel advises affected product owners to obtain the …

Google Chrome Update Fixes Flaw Exploited in the Wild

August 22, 2024 at 02:51PM New security fixes are being rolled out for Chrome to address a high-severity type confusion bug, identified as CVE-2024-7971, in the V8 JavaScript engine. Google reported the presence of an exploit for this vulnerability. The updated version 128 of Chrome will address 38 vulnerabilities, including CVE-2024-7971, and is expected to …

F5 Patches High-Severity Vulnerabilities in BIG-IP, NGINX Plus

August 20, 2024 at 07:18AM In August 2024, F5 released patches for nine vulnerabilities, including high-severity flaws in BIG-IP and NGINX Plus. The most severe issue, CVE-2024-39809, impacts BIG-IP Next Central Manager, allowing attackers to access systems after user logout. F5 also addressed CVE-2024-39778, CVE-2024-39792, and CVE-2024-41727, as well as five medium-severity flaws. Mitigation actions …

Chrome 127 Patches 24 Vulnerabilities

July 24, 2024 at 08:39AM Google released Chrome 127, addressing 24 vulnerabilities, with memory safety bugs and high-severity flaws the most prevalent. The update includes patches for high- and medium-severity vulnerabilities, as well as low-severity issues, with over $55,000 awarded in bug bounty rewards. Users are encouraged to update promptly, with specifics on vulnerabilities withheld until …

Splunk Patches High-Severity Vulnerabilities in Enterprise Product

July 2, 2024 at 09:22AM Splunk announced patches for 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including six high-severity bugs. The vulnerabilities include remote code execution flaws, a command injection flaw, path traversal, and denial-of-service. Splunk also addressed medium-severity flaws. No mention of exploitation in the wild was made. Additional information is available on Splunk’s …

GitLab Security Updates Patch 14 Vulnerabilities

June 27, 2024 at 10:04AM GitLab released security patches for GitLab Community Edition and Enterprise Edition, addressing 14 vulnerabilities, including critical and high-severity flaws. The critical issue, CVE-2024-5655, could allow unauthorized pipeline triggering. The updates also address various vulnerabilities, including cross-site scripting and improper authorization. Users are advised to update to versions 17.1.1, 17.0.3, or …

Google Patches Exploited Pixel Vulnerabilities

April 3, 2024 at 06:24AM Google released patches for 28 Android vulnerabilities and 25 Pixel device bugs, including two actively exploited issues (CVE-2024-29745 and CVE-2024-29748). Notable among the flaws is CVE-2024-23704, a high-severity vulnerability in the System component. The update also addressed security issues in Qualcomm and MediaTek components and resolved bugs in Android Automotive …

GitHub’s new AI-powered tool auto-fixes vulnerabilities in your code

March 20, 2024 at 02:57PM GitHub introduced a new AI-powered feature, Code Scanning Autofix, which automatically provides potential fixes for vulnerabilities in JavaScript, TypeScript, Java, and Python. The feature aims to speed up vulnerability fixes, reduce security risks, and reclaim developers’ time. GitHub plans to expand language support and has also enabled push protection for …

Siemens, Schneider Electric Release First ICS Patch Tuesday Advisories of 2024

January 9, 2024 at 12:54PM On the first Patch Tuesday of 2024, Siemens and Schneider Electric released a total of seven security advisories, fixing 22 vulnerabilities. Siemens addressed critical vulnerabilities in Simatic IPCs, CN 4100, Solid Edge 2023, Teamcenter Visualization, JT2Go, Spectrum Power 7, and Sicam A8000 devices. Schneider Electric addressed a high-severity Easergy Studio …

Microsoft’s Final 2023 Patch Tuesday: 33 Flaws Fixed, Including 4 Critical

December 13, 2023 at 01:48AM Microsoft’s final 2023 Patch Tuesday update addressed 33 flaws, with 4 rated Critical and 29 rated Important. This year, they’ve patched over 900 flaws, including vulnerabilities like remote code execution and information disclosure. Akamai also discovered attacks against Active Directory domains using Microsoft DHCP servers, prompting recommendations from Microsoft. Other …