Microsoft Fixes LPE Vulnerability Impacting Windows 7 and Server 2008 – E Hacking News
Microsoft quietly patched a local privilege escalation (LPE) flaw that affects both Windows 7 and Server 2008 R2 computers. This LPE flaw (which...
Tagged: vulnerability
Vulnerability in CocoaPod Dependency Manager Exposed Millions of Apps
A remote code execution vulnerability identified on the central CocoaPods server could have allowed an attacker to poison any package download, security researcher Max...
Critical Vulnerability Can Allow Attackers to Hijack or Disrupt Juniper Devices
A critical vulnerability patched recently by networking and cybersecurity solutions provider Juniper Networks could allow an attacker to remotely hijack or disrupt affected devices....
Google Project Zero Announces 2021 Updates to Vulnerability Disclosure Policy
Google’s Project Zero cybersecurity research unit on Thursday announced that it’s making some changes to its vulnerability disclosure policies, giving users 30 days to...
Another Critical Vulnerability Patched in SAP Commerce
On Tuesday, as part of its April 2021 Security Patch Day, SAP announced the release of 14 new security notes and 5 updates to...
Exploit Released for Critical Vulnerability Affecting QNAP NAS Devices
An exploit is now publicly available for a remote code execution vulnerability affecting QNAP network-attached storage (NAS) devices that run the Surveillance Station video...
Critical security alert: If you haven’t patched this old VPN vulnerability, assume your network is compromised
Cyber criminals and nation-state cyber-espionage operations are actively scanning for unpatched vulnerabilities in Fortinet VPNs; organisations that use Fortigate firewalls on their network, and...
Critical Zoom vulnerability triggers remote code execution without user input
A zero-day vulnerability in Zoom which can be used to launch remote code execution (RCE) attacks has been disclosed by researchers. Pwn2Own, organized by...
Vulnerability in ‘Domain Time II’ Could Lead to Server, Network Compromise
A vulnerability residing in the “Domain Time II” network time solution can be exploited in Man-on-the-Side (MotS) attacks, cyber-security firm GRIMM warned on Tuesday....
Google Patches Critical Code Execution Vulnerability in Android
The April 2021 Android security bulletin published this week by Google describes more than 30 vulnerabilities in the mobile operating system, including a remote...