Security Updates in Multiple Products of Adobe
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Multiple vulnerabilities have been discovered in Adobe products. 16 critical vulnerabilities have been fixed in Adobe Acrobat and Reader, which are listed below: Code execution: CVE-2021-44701, CVE-2021-44704, CVE-2021-44705, CVE-2021-44706, CVE-2021-44707, CVE-2021-44710, CVE-2021-44711, CVE-2021-45061, CVE-2021-45062, CVE-2021-45064, …
Mozilla Firefox patches multiple vulnerabilities
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Mozilla Firefox has released a major security update which patches 9 high, 6 moderate and 3 low impact vulnerabilities. Vulnerabilities classified as high are: CVE-2022-22746: Calling into reportValidity could have led to fullscreen window spoof CVE-2022-22743: …
Privilege escalation vulnerability in Citrix Workspace for Linux
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A local privilege escalation vulnerability could allow a local user to gain root privileges on the computer running Citrix Workspace app for Linux. This vulnerability (CVE-2022-21825) affects the Citrix Workspace app for Linux 2012 – 2111 and only …
Microsoft Patch Tuesday fixes critical zero-days along with 97 other flaws
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Microsoft has fixed 97 vulnerabilities, with nine classified as Critical and 88 as Important, and among them 6 zero-days. The following types of security vulnerabilities were reported in multiple Microsoft products: 41 Elevation of Privilege …
WordPress fixes multiple security vulnerabilities
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. The WordPress development team has released a security update to patch the following four vulnerabilities, three of which have high severity. CVE-2022-21661: A vulnerability exists in WP_Query class which is caused due to …
A vulnerability similar to Log4shell discovered in H2 database console
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. An unauthenticated remote code execution vulnerability similar to Log4shell has been discovered in H2 Database (a popular Java SQL database) console and has been assigned CVE-2021-42392. It is claimed to be similar to the log4shell …
High severity vulnerability in VMware Workstation, Fusion, and ESXi
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A heap buffer overflow vulnerability has been discovered in multiple products of VMware. This bug is tracked as CVE-2021-22045 and, if exploited, would result in the execution of arbitrary code by the attacker. Heap overflows …
New rootkit iLOBleed targets HP servers
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. The rootkit known as iLOBleed, active since 2020, targets Hewlett-Packard (HP) Enterprise's Integrated Lights-Out (iLO) server management technology to delete data from infected machines and corrupt firmware. The malware family …