- Vulnerebility 2020 -

Vulnerebility List -  2024  2023  2021  2020  2019  2018


Date

Name

Category

Web

31.12.20

Critical bugs in Dell Wyse ThinOS allow thin client take over

Vulnerebility

Bleepingcomputer

30.12.20

A Google Docs Bug Could Have Allowed Hackers See Your Private Documents

Vulnerebility

Thehackernews

24.12.20

WordPress plugin with 5 million installs has a critical vulnerability

Vulnerebility

Bleepingcomputer

24.12.20

HPE discloses critical zero-day in server management software

Vulnerebility

Bleepingcomputer

24.12.20

Google outage caused by critical system running out of storage

Vulnerebility

Bleepingcomputer

24.12.20

Critical Golang XML parser bugs can cause SAML authentication bypass

Vulnerebility

Bleepingcomputer

24.12.20

Adobe releases final Flash Player update, warns of 2021 kill switch

Vulnerebility

Bleepingcomputer

24.12.20

Microsoft Office security updates fix critical SharePoint RCE bugs

Vulnerebility

Bleepingcomputer

23.12.20

VMware and Cisco also impacted by the SolarWinds hack

Vulnerebility

Securityaffairs

23.12.20

Dell Wyse ThinOS flaws allow hacking think clients

Vulnerebility

Securityaffairs

23.12.20

Critical Vulnerabilities Expose Dell Wyse Thin Client Devices to Attacks

Vulnerebility

Securityweek

23.12.20

New Critical Flaws in Treck TCP/IP Stack Affect Millions of IoT Devices

Vulnerebility

Thehackernews

23.12.20

Two Critical Flaws — CVSS Score 10 — Affect Dell Wyse Thin Client Devices

Vulnerebility

Thehackernews

19.12.20

Authentication Bypass Vulnerability Patched in Bouncy Castle Library

Vulnerebility

Securityweek

18.12.20

Sophos fixes SQL injection vulnerability in their Cyberoam OS

Vulnerebility

Bleepingcomputer

18.12.20

Cisco fixes new critical code execution bug in Jabber for Windows

Vulnerebility

Bleepingcomputer

18.12.20

Adobe fixes critical security vulnerabilities in Lightroom, Prelude

Vulnerebility

Bleepingcomputer

18.12.20

A slightly optimistic tale of how patching went for CVE-2019-19781

Vulnerebility

SANS

18.12.20

5 million WordPress sites potentially impacted by a Contact Form 7 flaw

Vulnerebility

Securityaffairs

18.12.20

Trend Micro Patches Serious Flaws in Product Used by Companies, Governments

Vulnerebility

Securityweek

17.12.20

HPE discloses critical zero-day in Systems Insight Manager

Vulnerebility

Securityaffairs

16.12.20

Easy WP SMTP Security Bug Can Reveal Admin Credentials

Vulnerebility

Threatpost

16.12.20

Firefox Patches Critical Mystery Bug, Also Impacting Google Chrome

Vulnerebility

Threatpost

16.12.20

Vast Majority of OT Devices Affected by Urgent/11 Vulnerabilities Still Unpatched

Vulnerebility

Securityweek

13.12.20

Severe MDHexRay bug affects 100+ GE Healthcare imaging systems

Vulnerebility

Bleepingcomputer

13.12.20

Adobe fixes critical security vulnerabilities in Lightroom, Prelude

Vulnerebility

Bleepingcomputer

13.12.20

All Kubernetes versions affected by unpatched MiTM vulnerability

Vulnerebility

Bleepingcomputer

13.12.20

D-Link VPN routers get patch for remote command injection bugs

Vulnerebility

Bleepingcomputer

13.12.20

Intel driver updates fix Windows 10 BSODs, Bluetooth issues

Vulnerebility

Bleepingcomputer

12.12.20

Cisco Patches Wormable, Zero-Click Vulnerability in Jabber

Vulnerebility

Securityweek

11.12.20

Critical Steam Flaws Could Let Gamers Crash Opponents’ Computers

Vulnerebility

Threatpost

11.12.20

Zero-Click Wormable RCE Vulnerability in Cisco Jabber Gets Fixed, Again

Vulnerebility

Threatpost

11.12.20

Cisco addresses critical RCE vulnerability in Jabber

Vulnerebility

Securityaffairs

11.12.20

Cybersecurity Agencies Warn of High-Severity OpenSSL Vulnerability

Vulnerebility

Securityweek

11.12.20

Cisco Reissues Patches for Critical Bugs in Jabber Video Conferencing Software

Vulnerebility

Thehackernews

10.12.20

Microsoft Office November 2020 updates fix Outlook, Skype issues

Vulnerebility

Bleepingcomputer

10.12.20

2020 to reach vulnerability disclosure levels similar to those in 2019

Vulnerebility

Net-security

10.12.20

D-Link Routers at Risk for Remote Takeover from Zero-Day Flaws

Vulnerebility

Threatpost

10.12.20

Microsoft December 2020 Patch Tuesday fixes 58 bugs, 9 are critical

Vulnerebility

Securityaffairs

10.12.20

December 2020 Android Updates Patch 46 Vulnerabilities

Vulnerebility

Securityweek

10.12.20

SAP Releases Four 'Hot News' Notes on December 2020 Patch Day

Vulnerebility

Securityweek

10.12.20

'AMNESIA:33' Vulnerabilities in TCP/IP Stacks Expose Millions of Devices to Attacks

Vulnerebility

Securityweek

10.12.20

Amnesia:33 — Critical TCP/IP Flaws Affect Millions of IoT Devices

Vulnerebility

Thehackernews

9.12.20

Microsoft Wraps Up a Lighter Patch Tuesday for the Holidays

Vulnerebility

Threatpost

9.12.20

‘Amnesia:33’ TCP/IP Flaws Affect Millions of IoT Devices

Vulnerebility

Threatpost

9.12.20

Critical, Unpatched Bugs Open GE Radiological Devices to Remote Code Execution

Vulnerebility

Threatpost

9.12.20

Adobe Warns Windows, macOS Users of Critical-Severity Flaws

Vulnerebility

Threatpost

9.12.20

Apache Software Foundation fixes code execution flaw in Apache Struts 2

Vulnerebility

Securityaffairs

9.12.20

OpenSSL is affected by a ‘High Severity’ security flaw, update it now

Vulnerebility

Securityaffairs

9.12.20

Unauthenticated Command Injection bug opens D-Link VPN routers to hack

Vulnerebility

Securityaffairs

9.12.20

Possible Code Execution Flaw in Apache Struts

Vulnerebility

Securityweek

9.12.20

Microsoft Patches Critical SharePoint, Exchange Security Holes

Vulnerebility

Securityweek

9.12.20

Over 100 GE Healthcare Devices Affected by Critical Vulnerability

Vulnerebility

Securityweek

9.12.20

Adobe Patches Code Execution Flaws in Prelude, Experience Manager, Lightroom

Vulnerebility

Securityweek

9.12.20

OpenSSL Ships ‘High Severity’ Security Patch

Vulnerebility

Securityweek

9.12.20

Unauthenticated Command Injection Flaw Exposes D-Link VPN Routers to Attacks

Vulnerebility

Securityweek

9.12.20

Microsoft Releases Windows Update (Dec 2020) to Fix 58 Security Flaws

Vulnerebility

Thehackernews

9.12.20

A light December 2020 Patch Tuesday for a no-stress end of the year

Vulnerebility

Net-security

9.12.20

D-Link routers vulnerable to remotely exploitable root command injection flaw

Vulnerebility

Net-security

8.12.20

Expert discloses zero-click, wormable flaw in Microsoft Teams

Vulnerebility

Securityaffairs

8.12.20

Critical remote code execution fixed in PlayStation Now

Vulnerebility

Securityaffairs

8.12.20

QNAP fixed eight flaws that could allow NAS devices takeover

Vulnerebility

Securityaffairs

8.12.20

Researcher Awarded $15,000 for Code Execution Flaw in PlayStation Now App

Vulnerebility

Securityweek

8.12.20

WARNING — Critical Remote Hacking Flaws Affect D-Link VPN Routers

Vulnerebility

Thehackernews

8.12.20

QNAP High-Severity Flaws Plague NAS Systems

Vulnerebility

Threatpost

8.12.20

Cisco fixes exploitable RCEs in Cisco Security Manager

Vulnerebility

Securityaffairs

8.12.20

WARNING — Critical Remote Hacking Flaws Affect D-Link VPN Routers

Vulnerebility

Thehackernews

8.12.20

Wormable, Zero-Click Vulnerability in Microsoft Teams

Vulnerebility

Securityweek

8.12.20

Zero-Click Wormable RCE Vulnerability Reported in Microsoft Teams

Vulnerebility

Thehackernews

7.12.20

Google Launches XS-Leaks Vulnerability Knowledge Base

Vulnerebility

Securityweek

7.12.20

Techno-nationalism isn’t going to solve our cyber vulnerability problem

Vulnerebility

Net-security

6.12.20

CBS Last.fm fixes admin password leakage via Symfony profiler

Vulnerebility

Bleepingcomputer

5.12.20

VMware Rolls a Fix for Formerly Critical Zero-Day Bug

Vulnerebility

Threatpost

5.12.20

High-Severity Chrome Bugs Allow Browser Hacks

Vulnerebility

Threatpost

5.12.20

Recently disclosed CVE-2020-4006 VMware zero-day was reported by NSA

BigBrothers  Vulnerebility

Securityaffairs

5.12.20

VMware Patches Workspace ONE Access Vulnerability Reported by NSA

BigBrothers  Vulnerebility

Securityweek

4.12.20

GitHub Says Vulnerabilities in Some Ecosystems Take Years to Fix

Vulnerebility

Securityweek

4.12.20

December 2020 Patch Tuesday forecast: Always consider the risk

Vulnerebility

Net-security

4.12.20

ControlFlag: Machine programming research tool detects bugs in code

Vulnerebility

Net-security

4.12.20

Open source vulnerabilities go undetected for over four years

Vulnerebility

Net-security

3.12.20

A scan of 4 Million Docker images reveals 51% have critical flaws

Vulnerebility

Securityaffairs

3.12.20

UK urges orgs to patch critical MobileIron CVE-2020-15505 RCE bug

Vulnerebility

Bleepingcomputer

2.12.20

Analysis of 4 Million Docker Images Shows Half Have Critical Vulnerabilities

Vulnerebility

Securityweek

2.12.20

Electronic Medical Records Cracked Open by OpenClinic Bugs

Vulnerebility

Threatpost

2.12.20

Consumers vastly misjudge the vulnerability of their home networks

Vulnerebility

Net-security

1.12.20

Talos reported WebKit flaws in WebKit that allow Remote Code Execution

Vulnerebility

Securityaffairs

1.12.20

Exclusive: Experts from TIM’s Red Team Research (RTR) found 6 zero-days

Vulnerebility

Securityaffairs

1.12.20

WebKit Vulnerabilities Allow Remote Code Execution via Malicious Websites

Vulnerebility

Securityweek

30.11.20

SD-WAN Product Vulnerabilities Allow Hackers to Steer Traffic, Shut Down Networks

Vulnerebility

Securityweek

29.11.20

TikTok fixes bugs allowing account takeover with one click

Vulnerebility

Bleepingcomputer

29.11.20

VMware discloses critical zero-day vulnerability in Workspace One

Vulnerebility

Bleepingcomputer

29.11.20

Hacker posts exploits for over 49,000 vulnerable Fortinet VPNs

Vulnerebility

Bleepingcomputer

29.11.20

VMWare releases fix for critical ESXi, Workstation vulnerability

Vulnerebility

Bleepingcomputer

28.11.20

Drupal emergency updates fix critical arbitrary PHP code execution

Vulnerebility

Securityaffairs

27.11.20

Unofficial Patch Released for Windows 7 Zero-Day Vulnerability

Vulnerebility

Securityweek

27.11.20

Cisco fixes WebEx bugs allowing 'ghost' attackers in meetings

Vulnerebility

Bleepingcomputer

26.11.20

Critical MobileIron RCE Flaw Under Active Attack

Vulnerebility

Threatpost

25.11.20

2FA Bypass Vulnerability Patched in cPanel & WebHost Manager

Vulnerebility

Securityweek

25.11.20

VMware Working on Patches for Critical Workspace ONE Access Vulnerability

Vulnerebility

Securityweek

25.11.20

2-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software

Vulnerebility

Thehackernews

25.11.20

VMware releases workarounds for another critical flaw (CVE-2020-4006)

Vulnerebility

Net-security

25.11.20

Drupal-based sites open to attack via double extension files (CVE-2020-13671)

Vulnerebility

Net-security

24.11.20

Critical VMware Zero-Day Bug Allows Command Injection; Patch Pending

Vulnerebility

Threatpost

24.11.20

VMware discloses critical zero-day CVE-2020-4006 in Workspace One

Vulnerebility

Securityaffairs

24.11.20

Critical Unpatched VMware Flaw Affects Multiple Corporates Products

Vulnerebility

Thehackernews

23.11.20

VMware fixed SD-WAN flaws that could allow hackers to target enterprise networks

Vulnerebility

Securityaffairs

21.11.20

VMware Fixes Critical Flaw in ESXi Hypervisor

Vulnerebility

Threatpost

20.11.20

Intel fixes 95 vulnerabilities in November 2020 Platform Update

Vulnerebility

Bleepingcomputer

20.11.20

Office November security updates fix remote code execution bugs

Vulnerebility

Bleepingcomputer

20.11.20

NVIDIA fixes severe flaw in GeForce NOW cloud gaming service

Vulnerebility

Bleepingcomputer

20.11.20

Adobe releases security update for Adobe Reader for Android

Vulnerebility

Bleepingcomputer

20.11.20

German COVID-19 Contact-Tracing Vulnerability Allowed RCE

Vulnerebility

Threatpost

20.11.20

Drupal addressed CVE-2020-13671 Remote Code Execution flaw

Vulnerebility

Securityaffairs

20.11.20

Financial services lead when it comes to fixing open source flaws

Vulnerebility

Net-security

20.11.20

Cisco Webex vulnerabilities may enable attackers to covertly join meetings

Vulnerebility

Net-security

19.11.20

Remote Code Execution Vulnerability Patched in Drupal

Vulnerebility

Securityweek

19.11.20

Cisco Webex Vulnerability Allows Ghost Access to Meetings

Vulnerebility

Securityweek

19.11.20

Cisco Webex ‘Ghost’ Flaw Opens Meetings to Snooping

Vulnerebility

Threatpost

19.11.20

Widespread Scans Underway for RCE Bugs in WordPress Websites

Vulnerebility

Threatpost

19.11.20

Cisco fixed flaws in WebEx that allow ghost participants in meetings

Vulnerebility

Threatpost

19.11.20

The effectiveness of vulnerability disclosure and exploit development

Vulnerebility

Net-security

18.11.20

Cisco Patches Critical Flaw After PoC Exploit Code Release

Vulnerebility

Threatpost

18.11.20

Multiple Industrial Control System Vendors Warn of Critical Bugs

Vulnerebility

Threatpost

18.11.20

Large-scale campaign targets vulnerable Epsilon Framework WordPress themes

Vulnerebility

Securityaffairs

18.11.20

Expert publicly discloses PoC code for critical RCE issues in Cisco Security Manager

Vulnerebility

Securityaffairs

18.11.20

Cisco Patches Publicly Disclosed Vulnerabilities in Security Manager

Vulnerebility

Securityweek

18.11.20

Critical vulnerabilities in Cisco Security Manager fixed, researcher discloses PoCs

Vulnerebility

Net-security

17.11.20

Cisco Patches Publicly Disclosed Vulnerabilities in Security Manager

Vulnerebility

Securityaffairs

17.11.20

Citrix SD-WAN Bugs Allow Remote Code Execution

Vulnerebility

Securityaffairs

17.11.20

Researcher Discloses Critical RCE Flaws In Cisco Security Manager

Vulnerebility

Thehackernews

16.11.20

Heartbleed, BlueKeep and other vulnerabilities that didn't disappear just because we don't talk about them anymore

Vulnerebility

SANS

12.11.20

Nvidia Warns Windows Gamers of GeForce NOW Flaw

Vulnerebility

Threatpost

12.11.20

Silver Peak SD-WAN Bugs Allow for Network Takeover

Vulnerebility

Threatpost

12.11.20

High-Severity Cisco DoS Flaw Can Immobilize ASR Routers

Vulnerebility

Threatpost

12.11.20

Google addresses two new Chrome zero-day flaws

Vulnerebility

Securityaffairs

12.11.20

SAP Patches Several Critical Vulnerabilities With November 2020 Security Updates

Vulnerebility

Securityweek

11.11.20

Microsoft Patch Tuesday fixes CVE-2020-17087 currently under active exploitation

Vulnerebility

Securityaffairs

11.11.20

Vulnerabilities Exploited at Chinese Hacking Contest Patched in Firefox, Chrome

Vulnerebility

Securityweek

11.11.20

Microsoft Releases Windows Security Updates For Critical Flaws

Vulnerebility

Thehackernews

11.11.20

Microsoft Patch Tuesday Update Fixes 17 Critical Bugs

Vulnerebility

Threatpost

11.11.20

Adobe fixes flaws in Connect and Reader Mobile

Vulnerebility

Securityaffairs

11.11.20

Flaws in WordPress Ultimate Member plugin expose 25K sites to hack

Vulnerebility

Securityaffairs

11.11.20

Microsoft Patches Windows Vulnerability Chained in Attacks With Chrome Bug

Vulnerebility

Securityweek

11.11.20

Adobe Patches Vulnerabilities in Connect, Reader Mobile

Vulnerebility

Securityweek

11.11.20

Finding 365 bugs in Microsoft Office 365

Vulnerebility

Net-security

11.11.20

November 2020 Patch Tuesday: Microsoft fixes actively exploited Windows Kernel flaw

Vulnerebility

Net-security

8.11.20

Critical bug actively used to deploy Cobalt Strike on Oracle servers

Vulnerebility

Bleepingcomputer

8.11.20

SaltStack reveals new critical vulnerabilities, patch now

Vulnerebility

Bleepingcomputer

8.11.20

Adobe fixes critical security vulnerabilities in Acrobat, Reader

Vulnerebility

Bleepingcomputer

7.11.20

Oracle issues emergency patch for critical WebLogic Server flaw

Vulnerebility

Bleepingcomputer

7.11.20

GitHub threatens to ban users who bypass YouTube-dl takedown

Vulnerebility

Bleepingcomputer

6.11.20

Cisco Zero-Day in AnyConnect Secure Mobility Client Remains Unpatched

Vulnerebility

Threatpost

6.11.20

Git LFS vulnerability allows attackers to compromise targets’ Windows systems (CVE-2020-27955)

Vulnerebility

Net-security

5.11.20

VMware finally fixed the critical CVE-2020-3992 flaw in ESXi

Vulnerebility

Securityaffairs

5.11.20

Mandiant Details Recently Patched Oracle Solaris Zero-Day

Vulnerebility

Securityweek

5.11.20

Cisco Working on Patch for Code Execution Vulnerability in VPN Product

Vulnerebility

Securityweek

5.11.20

VMware Issues Updated Fix For Critical ESXi Flaw

Vulnerebility

Threatpost

5.11.20

Zero-day in Cisco AnyConnect Secure Mobility Client yet to be fixed

Vulnerebility

Securityaffairs

5.11.20

Google Discloses Details of GitHub Actions Vulnerability

Vulnerebility

Securityweek

5.11.20

Trend Micro Patches Vulnerabilities in InterScan Messaging Security Product

Vulnerebility

Securityweek

5.11.20

Patch for Critical VMware ESXi Vulnerability Incomplete

Vulnerebility

Securityweek

5.11.20

Games in Microsoft Store Can Be Abused for Privilege Escalation on Windows

Vulnerebility

Securityweek

5.11.20

Google fixes two actively exploited Chrome zero-days (CVE-2020-16009, CVE-2020-16010)

Vulnerebility

Net-security

4.11.20

Adobe Warns Windows, MacOS Users of Critical Acrobat and Reader Flaws

Vulnerebility

Threatpost

4.11.20

Oracle Rushes Emergency Fix for Critical WebLogic Server Flaw

Vulnerebility

Threatpost

4.11.20

Adobe addressed 4 critical vulnerabilities in Acrobat products

Vulnerebility

Securityaffairs

4.11.20

Adobe Patches 14 Vulnerabilities in Acrobat Products

Vulnerebility

Securityweek

4.11.20

Google Patches Actively Exploited Chrome Vulnerabilities

Vulnerebility

Securityweek

3.11.20

WordPress Pushes Out Multiple Flawed Security Updates

Vulnerebility

Threatpost

3.11.20

Oracle issues emergency patch for CVE-2020-14750 WebLogic Server flaw

Vulnerebility

Securityaffairs

2.11.20

Guide: 10 critical issues to cover in your vendor security questionnaires

Vulnerebility

Net-security

1.11.20

QNAP warns of new QTS bugs that allow take over of devices

Vulnerebility

Bleepingcomputer

1.11.20

Companies paid $4.2M bug bounties for XSS flaws in 2020

Vulnerebility

Securityaffairs

31.10.20

Microsoft releases update to remove Adobe Flash from Windows

Vulnerebility

Bleepingcomputer

31.10.20

Mozilla rolls out new Firefox version to fix Windows reboot bug

Vulnerebility

Bleepingcomputer

31.10.20

WordPress Patches 3-Year-Old High-Severity RCE Bug

Vulnerebility

Threatpost

31.10.20

Google Discloses Actively Targeted Windows Vulnerability

Vulnerebility

Securityweek

30.10.20

Microsoft Says Hackers Continue to Target Zerologon Vulnerability

Vulnerebility

Securityweek

30.10.20

Critical OpenEMR Vulnerabilities Give Hackers Remote Access to Health Records

Vulnerebility

Securityweek

30.10.20

Bug Bounty Hunters Earned Over $4M for XSS Flaws Reported via HackerOne in 2020

Vulnerebility

Securityweek

30.10.20

NVIDIA Patches Critical Bug in High-Performance Servers

Vulnerebility

Threatpost

30.10.20

Critical Oracle WebLogic flaw CVE-2020-14882 actively exploited in the wild

Vulnerebility

Securityaffairs

30.10.20

NVIDIA Patches AMI BMC Vulnerabilities Impacting Several Major Vendors

Vulnerebility

Securityweek

30.10.20

Microsoft Introduces Device Vulnerability Report in Defender for Endpoint

Vulnerebility

Securityweek

30.10.20

Oracle WebLogic Vulnerability Targeted One Week After Patching

Vulnerebility

Securityweek

30.10.20

Easily exploitable RCE in Oracle WebLogic Server under attack (CVE-2020-14882)

Vulnerebility

Net-security

29.10.20

Most companies have high-risk vulnerabilities on their network perimeter

Vulnerebility

Net-security

28.10.20

76% of applications have at least one security flaw

Vulnerebility

Net-security

27.10.20

Containerd Bug Exposes Cloud Account Credentials

Vulnerebility

Threatpost

27.10.20

NVIDIA Patches Code Execution Flaws in GeForce Experience

Vulnerebility

Securityweek

27.10.20

HPE Patches Two Critical, Remotely Exploitable Vulnerabilities

Vulnerebility

Securityweek

25.10.20

HPE fixes maximum severity remote auth bypass bug in SSMC console

Vulnerebility

Bleepingcomputer

25.10.20

Mozilla slows Firefox 82 update due to printing issues, crashes

Vulnerebility

Bleepingcomputer

25.10.20

NVIDIA patches high severity GeForce Experience vulnerabilities

Vulnerebility

Bleepingcomputer

25.10.20

QNAP warns of Windows Zerologon flaw affecting some NAS devices

Vulnerebility

Bleepingcomputer

24.10.20

Cisco warns of attacks targeting high severity router vulnerability

Vulnerebility

Bleepingcomputer

24.10.20

Adobe fixes 18 critical bugs affecting its Windows, macOS apps

Vulnerebility

Bleepingcomputer

24.10.20

Nvidia Warns Gamers of Severe GeForce Experience Flaws

Vulnerebility

Threatpost

23.10.20

Cisco addresses 17 high-severity flaws in security appliances

Vulnerebility

Securityaffairs

23.10.20

FDA Approves Use of New Tool for Medical Device Vulnerability Scoring

Vulnerebility

Securityweek

22.10.20

Microsoft issues out-of-band Windows security updates for RCE bugs

Vulnerebility

Bleepingcomputer

22.10.20

UK urges orgs to patch severe CVE-2020-16952 SharePoint RCE bug

Vulnerebility

Bleepingcomputer

22.10.20

Critical SonicWall vulnerability affects 800K firewalls, patch now

Vulnerebility

Bleepingcomputer

22.10.20

Taiwanese vendor QNAP issues advisory on Zerologon flaw

Vulnerebility

Securityaffairs

22.10.20

VMware fixes several flaws in its ESXi, Workstation, Fusion and NSX-T

Vulnerebility

Securityaffairs

22.10.20

Taiwanese vendor QNAP issues advisory on Zerologon flaw

Vulnerebility

Securityaffairs

22.10.20

Cisco Patches 17 High-Severity Vulnerabilities in Security Appliances

Vulnerebility

Securityweek

22.10.20

QNAP Issues Advisory on Zerologon Vulnerability

Vulnerebility

Securityweek

22.10.20

Oracle Kills 402 Bugs in Massive October Patch Update

Vulnerebility

Threatpost

22.10.20

Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser

Vulnerebility

Threatpost

22.10.20

Cisco Warns of Severe DoS Flaws in Network Security Software

Vulnerebility

Threatpost

22.10.20

Adobe releases a new set of out-of-band patches for its products

Vulnerebility

Securityaffairs

22.10.20

VMware Patches Critical Code Execution Vulnerability in ESXi

Vulnerebility

Securityweek

22.10.20

Safari, other mobile browsers affected by address bar spoofing flaws

Vulnerebility

Net-security

21.10.20

Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio

Vulnerebility

Threatpost

21.10.20

Chrome 86.0.4240.111 fixes actively exploited CVE-2020-15999 zero-day

Vulnerebility

Securityaffairs

21.10.20

Hackers are targeting CVE-2020-3118 flaw in Cisco devices

Vulnerebility

Securityaffairs

20.10.20

Adobe Patches 9 Vulnerabilities in Magento

Vulnerebility

Securityweek

20.10.20

CISA Warns of Remote Code Execution Bugs in Visual Studio, Windows Codecs Library

Vulnerebility

Securityweek

20.10.20

Magento, Visual Studio Code users: You need to patch!

Vulnerebility

Net-security

19.10.20

Microsoft released out-of-band Windows fixes for 2 RCE issues

Vulnerebility

Securityaffairs

19.10.20

Critical flaw in SonicWall’s firewalls patched, update quickly! (CVE-2020-5135)

Vulnerebility

Net-security

18.10.20

Norway says Russian hackers were behind August Parliament attack

Vulnerebility

Bleepingcomputer

18.10.20

Adobe fixes critical security vulnerability in Flash Player

Vulnerebility

Bleepingcomputer

18.10.20

Mozilla releases Firefox 81.0.2 to fix Twitter errors

Vulnerebility

Bleepingcomputer

18.10.20

CVE-2020-5135 - Buffer Overflow in SonicWall VPNs - Patch Now

Vulnerebility

SANS

17.10.20

Critical Magento Holes Open Online Shops to Code Execution

Vulnerebility

Threatpost

17.10.20

Microsoft Fixes RCE Flaws in Out-of-Band Windows Update

Vulnerebility

Threatpost

17.10.20

UK NCSC recommends organizations to fix CVE-2020-16952 SharePoint RCE flaw asap

Vulnerebility

Securityaffairs

17.10.20

Juniper fixes tens of flaws affecting the Junos OS

Vulnerebility

Securityaffairs

17.10.20

TikTok Launches Public Bug Bounty Program

Vulnerebility

Securityweek

17.10.20

Juniper Networks Patches Tens of Vulnerabilities

Vulnerebility

Securityweek

17.10.20

Critical flaw in SonicWall’s firewalls patched, update quickly! (CVE-2020-5135)

Vulnerebility

SANS

16.10.20

Adobe fixes Magento flaws that can lead to code execution

Vulnerebility

Securityaffairs

16.10.20

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Vulnerebility

Securityaffairs

16.10.20

Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices

Vulnerebility

Thehackernews

16.10.20

Critical Magento Holes Open Online Shops to Code Execution

Vulnerebility

Threatpost

16.10.20

Critical Vulnerability Allows Hackers to Disrupt SonicWall Firewalls

Vulnerebility

Securityweek

15.10.20

Critical SonicWall VPN Portal Bug Allows DoS, Worming RCE

Vulnerebility

Threatpost

15.10.20

Google researcher found BleedingTooth flaws in Linux Bluetooth

Vulnerebility

Securityaffairs

14.10.20

Critical Flash Player Flaw Opens Adobe Users to RCE

Vulnerebility

Threatpost

14.10.20

October Patch Tuesday: Microsoft Patches Critical, Wormable RCE Bug

Vulnerebility

Threatpost

14.10.20

Microsoft October 2020 Patch Tuesday fixes 87 flaws, including 21 RCEs

Vulnerebility

Securityaffairs

14.10.20

Adobe addresses a critical security flaw in Adobe Flash Player

Vulnerebility

Securityaffairs

14.10.20

Remotely Exploitable DoS Vulnerabilities Found in Allen-Bradley Adapter

Vulnerebility

Securityweek

14.10.20

Foxit Patches Code Execution Vulnerabilities in PDF Software

Vulnerebility

Securityweek

14.10.20

Microsoft Patches Several Publicly Disclosed Windows Vulnerabilities

Vulnerebility

Securityweek

14.10.20

Adobe Patches Critical Code Execution Vulnerability in Flash Player

Vulnerebility

Securityweek

14.10.20

Acronis Patches Privilege Escalation Flaws in Backup, Security Solutions

Vulnerebility

Securityweek

14.10.20

Study Finds 400,000 Vulnerabilities Across 2,200 Virtual Appliances

Vulnerebility

Securityweek

14.10.20

Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs

Vulnerebility

Thehackernews

14.10.20

October 2020 Patch Tuesday: Microsoft fixes potentially wormable Windows TCP/IP RCE flaw

Vulnerebility

Net-security

13.10.20

GitHub envisions a world with fewer software vulnerabilities

Vulnerebility

Net-security

11.10.20

QNAP fixes critical flaws that could lead to device takeover

Vulnerebility

Bleepingcomputer

10.10.20

Cisco addresses three high-severity issues in Webex, IP Cameras and ISE

Vulnerebility

Securityaffairs

10.10.20

Google releases fix for ChromeOS bug causing 100% CPU utilization

Vulnerebility

Bleepingcomputer

10.10.20

Grindr fixed a bug allowing full takeover of any user account

Vulnerebility

Bleepingcomputer

9.10.20

Microsoft Azure Flaws Open Admin Servers to Takeover

Vulnerebility

Threatpost

9.10.20

Cisco Fixes High-Severity Webex, Security Camera Flaws

Vulnerebility

Threatpost

9.10.20

October 2020 Patch Tuesday forecast: Trick or treat?

Vulnerebility

Net-security

8.10.20

QNAP addresses 2 critical flaws that can allow hackers to take over NASs

Vulnerebility

Securityaffairs

8.10.20

Researchers Find Vulnerabilities in Microsoft Azure Cloud Service

Vulnerebility

Thehackernews

8.10.20

'Smart' Male Chastity Device Vulnerable to Locking by Hackers: Researchers

Vulnerebility

Securityweek

8.10.20

Researcher Finds Vulnerabilities in Products of 10 Cybersecurity Vendors

Vulnerebility

Securityweek

8.10.20

HP Device Manager vulnerabilities may allow full system takeover

Vulnerebility

Net-security

7.10.20

Microsoft Paid Out Over $374,000 for Azure Sphere Vulnerabilities

Vulnerebility

Securityweek

6.10.20

Tenda Router Zero-Days Emerge in Spyware Botnet Campaign

BotNet  Vulnerebility

Threatpost

6.10.20

Post Grid WordPress Plugin Flaws Allow Site Takeovers

Vulnerebility

Threatpost

6.10.20

Experts warn of flaws in popular Antivirus solutions

Vulnerebility

Securityaffairs

6.10.20

New Flaws in Top Antivirus Software Could Make Computers More Vulnerable

Vulnerebility

Thehackernews

5.10.20

HP Device Manager flaws expose Windows systems to hack

Vulnerebility

Securityaffairs

4.10.20

NVIDIA fixes high severity flaws in Windows display driver

Vulnerebility

Bleepingcomputer

2.10.20

HP expands its Bug Bounty Program to focus on office-class print cartridge security vulnerabilities

Vulnerebility

Net-security

1.10.20

HP Offering Big Rewards for Cartridge Vulnerabilities

Vulnerebility

Securityweek

30.9.20

Cisco fixes actively exploited issues in IOS XR Network OS

Vulnerebility

Securityaffairs

26.9.20

Cisco fixes 34 High-Severity flaws in IOS and IOS XE software

Vulnerebility

Securityaffairs

25.9.20

Cisco Patch-Palooza Tackles 29 High-Severity Bugs

Vulnerebility

Threatpost

25.9.20

Cisco Patches 34 High-Severity Vulnerabilities in IOS Software

Vulnerebility

Securityweek

24.9.20

Microsoft Says Hackers Actively Targeting Zerologon Vulnerability

Vulnerebility

Securityweek

24.9.20

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Vulnerebility

Securityaffairs

24.9.20

Google Patches Privilege Escalation Vulnerability in Cloud Service

Vulnerebility

Securityweek

24.9.20

Detecting and Preventing Critical ZeroLogon Windows Server Vulnerability

Vulnerebility

Thehackernews

23.9.20

Samba Issues Patches for Zerologon Vulnerability

Vulnerebility

Securityweek

20.9.20

Adobe releases out-of-band security update for Adobe Media Encoder

Vulnerebility

Bleepingcomputer

19.9.20

Palo Alto Networks fixes critical flaw in PAN-OS firewall software

Vulnerebility

Bleepingcomputer

19.9.20

Hackers are fighting a war over 300K vulnerable WordPress sites

Vulnerebility

Bleepingcomputer

19.9.20

BLURtooth vulnerability lets attackers defeat Bluetooth encryption

Vulnerebility

Bleepingcomputer

19.9.20

Stubborn WooCommerce Plugin Bugs Get Third Patch

Vulnerebility

Threatpost

18.9.20

Drupal addressed XSS and information disclosure flaws

Vulnerebility

Securityaffairs

16.9.20

Flaws in Philips Patient Monitoring Products Can Lead to Patient Data Exposure

Vulnerebility

Securityweek

16.9.20

IBM Spectrum Protect Plus Security Open to RCE

Vulnerebility

Threatpost

16.9.20

Out-of-band security update fixes Adobe Media Encoder issu

Vulnerebility

Securityaffairs

13.9.20

Microsoft Office September security updates fix critical RCE bugs

OS  Vulnerebility

Bleepingcomputer

13.9.20

Intel fixes critical flaw in corporate remote management platform

Vulnerebility

Bleepingcomputer

13.9.20

Adobe fixes critical vulnerabilities in InDesign and Framemaker

Vulnerebility

Bleepingcomputer

12.9.20

It’s No ‘Giggle’: Managing Expectations for Vulnerability Disclosure

Vulnerebility

Threatpost

11.9.20

Chrome Sandbox Escape Vulnerability Earns Researchers $20,000

Vulnerebility

Securityweek

11.9.20

Palo Alto Networks fixes severe Code Execution and DoS flaws in PAN-OS

Vulnerebility

Securityaffairs

11.9.20

Palo Alto Networks Patches Serious DoS, Code Execution Flaws in PAN-OS

Vulnerebility

Securityweek

10.9.20

Microsoft Announces Public Preview of Automatic VM Guest Patching in Azure

Vulnerebility

Securityweek

10.9.20

Critical Flaws in 3rd-Party Code Allow Takeover of Industrial Control Systems

Vulnerebility

Threatpost

10.9.20

Intel Releases Firmware Updates to Patch Critical Vulnerability in AMT, ISM

Vulnerebility

Securityweek

9.9.20

Microsoft’s Patch Tuesday Packed with Critical RCE Bugs

Vulnerebility

Threatpost

9.9.20

Critical Intel Active Management Technology Flaw Allows Privilege Escalation

Vulnerebility

Threatpost

9.9.20

Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers

Vulnerebility

Threatpost

9.9.20

Critical Access Control Vulnerability Patched in SAP Marketing

Vulnerebility

Securityweek

9.9.20

Secureworks to Acquire Vulnerability Management Startup Delve Laboratories

Vulnerebility

Securityweek

9.9.20

Researcher Details Google Maps Vulnerability That Earned Him $10,000

Vulnerebility

Securityweek

9.9.20

Microsoft September 2020 Patch Tuesday addresses 129 flaws

Vulnerebility

Securityaffairs

9.9.20

Adobe fixes critical flaws in Adobe InDesign, Framemaker, and Experience Manager

Vulnerebility

Securityaffairs

9.9.20

Microsoft Patches 129 Vulnerabilities With September 2020 Security Updates

Vulnerebility

Securityweek

9.9.20

Adobe Patches Critical Code Execution Flaws in AEM, FrameMaker, InDesign

Vulnerebility

Securityweek

9.9.20

Microsoft Releases September 2020 Security Patches For 129 Flaws

Vulnerebility

Thehackernews

9.9.20

Microsoft September 2020 Patch Tuesday

Vulnerebility

SANS

8.9.20

Expert found multiple critical issues in MoFi routers

Vulnerebility

Securityaffairs

8.9.20

Critical Vulnerabilities Expose MoFi Routers to Remote Attacks

Vulnerebility

Securityweek

8.9.20

Cisco Patches Critical Vulnerability in Jabber for Windows

Vulnerebility

Securityweek

8.9.20

New PIN Verification Bypass Flaw Affects Visa Contactless Payments

Vulnerebility

Thehackernews

6.9.20

Cisco fixes critical code execution bug in Jabber for Windows

Vulnerebility

Bleepingcomputer

5.9.20

New Intel microcode updates for Windows 10 fix CPU hardware bugs

Vulnerebility

Bleepingcomputer

5.9.20

Magento plugin Magmi vulnerable to hijacking admin sessions

Vulnerebility

Bleepingcomputer

5.9.20

Valorant update causes VCRUNTIME140.dll is missing error, how to fix

Vulnerebility

Bleepingcomputer

5.9.20

Google now pays for bugs used to bypass its anti-fraud systems

Vulnerebility

Bleepingcomputer

5.9.20

Firefox 80.0.1 rolls out to fix crashes and download issues

Vulnerebility

Bleepingcomputer

5.9.20

Vulnerability Disclosure: Ethical Hackers Seek Best Practices

Vulnerebility

Threatpost

5.9.20

Facebook Debuts Third-Party Vulnerability Disclosure Policy

Social  Vulnerebility

Threatpost

4.9.20

September 2020 Patch Tuesday forecast: Back to school?

Vulnerebility

Net-security

4.9.20

Hackers are backdooring QNAP NAS devices with 3-year old RCE bug

Vulnerebility

Bleepingcomputer

4.9.20

Slack pays stingy $1,750 reward for a desktop hijack vulnerability

Vulnerebility

Bleepingcomputer

4.9.20

Google Ups Product-Abuse Bug Bounties

Vulnerebility

Threatpost

4.9.20

Attackers Can Exploit Critical Cisco Jabber Flaw With One Message

Vulnerebility

Threatpost

3.9.20

Operation PowerFall: CVE-2020-0986 and variants

Vulnerebility

Securelist

3.9.20

Cisco addresses critical code execution flaw in Cisco Jabber for Windows

Vulnerebility

Securityaffairs

3.9.20

Hackers are actively exploiting critical RCE in WordPress sites using File Manager plugin

Vulnerebility

Securityaffairs

3.9.20

MAGMI Magento plugin flaw allows remote code execution on a vulnerable site

Vulnerebility

Securityaffairs

3.9.20

Hackers Are Targeting a Three-Year Old Vulnerability in QNAP NAS Devices

Vulnerebility

Securityweek

2.9.20

Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws

Vulnerebility

Threatpost

2.9.20

Cisco Says Hackers Targeting Zero-Days in Carrier-Grade Routers

Vulnerebility

Securityweek

1.9.20

Slack Pays Bounty for Critical Vulnerability in Desktop App

Vulnerebility

Securityweek

31.8.20

Chrome 85 released with security fixes, app shortcuts, AVIF support

Vulnerebility

Bleepingcomputer

31.8.20

Google Chrome 85 fixes WebGL code execution vulnerability

Vulnerebility

Bleepingcomputer

31.8.20

Five critical cloud security challenges and how to overcome them

Vulnerebility

Net-security

28.8.20

Cisco Patches High-Severity Vulnerabilities in NX-OS Software

Vulnerebility

Securityweek

28.8.20

Vulnerability reporting is returning to normal

Vulnerebility

Net-security

27.8.20

Microsoft fixes code execution, privilege escalation in Microsoft Azure Sphere

Vulnerebility

Securityaffairs

27.8.20

Vulnerabilities Expose Popular DVB-T2 Set-Top Boxes to Botnets: Researchers

BotNet  Vulnerebility

Securityweek

27.8.20

Cisco Patches ‘High-Severity’ Bugs Impacting Switches, Fibre Storage

Vulnerebility

Threatpost

26.8.20

Google Project Zero expert found 3 flaws in Apache Web Server

Vulnerebility

Securityaffairs

25.8.20

WordPress WooCommerce stores under attack, patch now

Attack  Vulnerebility

Bleepingcomputer

25.8.20

Google fixes Gmail bug allowing attackers to send spoofed emails

Vulnerebility

Bleepingcomputer

25.8.20

MITRE shares this year's top 25 most dangerous software bugs

Vulnerebility

Bleepingcomputer

25.8.20

Google Fixes High-Severity Chrome Browser Code Execution Bug

Vulnerebility

Threatpost

25.8.20

WordPress Sites Targeted via Vulnerabilities in WooCommerce Discounts Plugin

Vulnerebility

Securityweek

25.8.20

Google Researcher Reported 3 Flaws in Apache Web Server Software

Vulnerebility

Thehackernews

24.8.20

ATM vendors Diebold and NCR fixed deposit forgery bugs

Vulnerebility

Securityaffairs

23.8.20

Windows Control Flow Guard support added to Rust, Clang compilers

Vulnerebility

Bleepingcomputer

22.8.20

SAP updates security note for critical RECON vulnerability

Vulnerebility

Bleepingcomputer

21.8.20

ATM makers fix flaws allowing illegal cash withdrawals

Vulnerebility

Net-security

21.8.20

Cisco Critical Flaw Patched in WAN Software Solution

Vulnerebility

Threatpost

21.8.20

Microsoft Out-of-Band Security Update Fixes Windows Remote Access Flaw

Vulnerebility

Threatpost

21.8.20

Google fixed email spoofing flaw 7 hours after public disclosure

Vulnerebility

Securityaffairs

21.8.20

Shared memory flaw in IBM Db2 can lead to Information Disclosure

Vulnerebility

Securityaffairs

21.8.20

CVE-2020-3446 default credentials bug exposes Cisco ENCS, CSP Appliances to hack

Vulnerebility

Securityaffairs

21.8.20

Google Patches Email Spoofing Vulnerability After Public Disclosure

Vulnerebility

Securityweek

21.8.20

Vulnerability in IBM Db2 Leads to Information Disclosure, Denial of Service

Vulnerebility

Securityweek

20.8.20

Out-of-Band Update Patches Privilege Escalation Flaws in Windows 8.1, Server 2012

Vulnerebility

Securityweek

20.8.20

Experts Reported Security Bug in IBM's Db2 Data Management Software

Vulnerebility

Thehackernews

19.8.20

Large Orgs Plagued with Bugs, Face Giant Patch Backlogs

Vulnerebility

Threatpost

19.8.20

A flaw in Concrete5 CMS could have allowed website takeover

Vulnerebility

Securityaffairs

19.8.20

Critical flaw in Jenkins Server can cause information disclosure

Vulnerebility

Securityaffairs

18.8.20

Critical Jenkins Server Vulnerability Could Leak Sensitive Information

Vulnerebility

Thehackernews

18.8.20

Adobe fixes critical code execution bugs in Acrobat and Reader

Vulnerebility

Bleepingcomputer

18.8.20

Citrix fixes critical bugs allowing takeover of XenMobile Servers

Vulnerebility

Bleepingcomputer

18.8.20

vBulletin fixes ridiculously easy to exploit zero-day RCE bug

Vulnerebility

Bleepingcomputer

18.8.20

Actively Exploited Windows Spoofing Flaw Patched Two Years After Disclosure

Exploit  Vulnerebility

Securityweek

18.8.20

Potential Apache Struts 2 RCE flaw fixed, PoCs released

Vulnerebility

Net-security

17.8.20

CCleaner fixes bug that wipes Firefox extension settings

Vulnerebility

Bleepingcomputer

17.8.20

TeamViewer fixes bug that lets attackers access your PC

Vulnerebility

Bleepingcomputer

17.8.20

Nearly 50% of all smartphones affected by Qualcomm Snapdragon bugs

Vulnerebility

Bleepingcomputer

15.8.20

Critical Flaws in WordPress Quiz Plugin Allow Site Takeover

Vulnerebility

Threatpost

15.8.20

Amazon Alexa Vulnerabilities Could Have Exposed User Data

Vulnerebility

Securityweek

14.8.20

High-Severity TinyMCE Cross-Site Scripting Flaw Fixed

Vulnerebility

Threatpost

14.8.20

Microsoft failed to fix LSASS elevation of privilege flaw

Vulnerebility

Securityaffairs

13.8.20

Potentially Serious Vulnerability Found in Popular WYSIWYG Editor TinyMCE

Vulnerebility

Securityweek

13.8.20

Microsoft's Patch for LSASS Flaw Incomplete, Google Researcher Says

Vulnerebility

Securityweek

13.8.20

Amazon Alexa Bugs Allowed Hackers to Install Malicious Skills Remotely

Vulnerebility

Thehackernews

13.8.20

Citrix Warns of Critical Flaws in XenMobile Server

Vulnerebility

Threatpost

13.8.20

Intel, SAP, and Citrix release critical security updates

Vulnerebility

Net-security

12.8.20

Google Awards $10,000 for Remote Code Execution Vulnerability in Chrome

Vulnerebility

Securityweek

12.8.20

SAP Releases August 2020 Security Updates

Vulnerebility

Securityweek

12.8.20

Intel Patches Many Privilege Escalation Vulnerabilities in Server Boards

Vulnerebility

Securityweek

12.8.20

Critical Adobe Acrobat and Reader Bugs Allow RCE

Vulnerebility

Threatpost

12.8.20

Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules

Vulnerebility

Threatpost

12.8.20

Samsung Quietly Fixes Critical Galaxy Flaws Allowing Spying, Data Wiping

Vulnerebility

Threatpost

12.8.20

Citrix fixed flaws in XenMobile that will be likely exploited soon

Vulnerebility

Securityaffairs

12.8.20

Microsoft August 2020 Patch Tuesday fixed actively exploited zero-days

Vulnerebility

Securityaffairs

12.8.20

Adobe Acrobat and Reader affected by critical flaws

Vulnerebility

Securityaffairs

12.8.20

Flaws in ‘Find My Mobile’ exposed Samsung phones to hack

Vulnerebility

Securityaffairs

12.8.20

Microsoft Patches Actively Exploited Windows, IE Vulnerabilities

Vulnerebility

Securityweek

12.8.20

Citrix Expects Hackers to Exploit Newly Patched XenMobile Vulnerabilities

Vulnerebility

Securityweek

12.8.20

Adobe Patches 11 Critical Vulnerabilities in Acrobat and Reader

Vulnerebility

Securityweek

12.8.20

Critical Flaws Affect Citrix Endpoint Management (XenMobile Servers)

Vulnerebility

Thehackernews

11.8.20

Researcher discloses exploit code for a vBulletin zero-day

Vulnerebility

Securityaffairs

11.8.20

TeamViewer Flaw in Windows App Allows Password-Cracking

Vulnerebility

Threatpost

11.8.20

Google Fixes Mysterious Audio Recording Blip in Smart Speakers

Vulnerebility

Threatpost

11.8.20

TeamViewer flaw can allow hackers to steal System password

Vulnerebility

Securityaffairs

11.8.20

Vulnerabilities in Qualcomm Chips Expose Billions of Devices to Attacks

Vulnerebility

Securityweek

10.8.20

Critical ManageEngine ADSelfService Plus RCE flaw patched

Vulnerebility

Net-security

10.8.20

Over 30 Vulnerabilities Discovered Across 20 CMS Products

Vulnerebility

Securityweek

10.8.20

TeamViewer Flaw Could Let Hackers Steal System Password Remotely

Vulnerebility

Thehackernews

10.8.20

KDE archive tool flaw let hackers take over Linux accounts

Vulnerebility

Bleepingcomputer

8.8.20

Critical Wordpress plugin bug lets hackers take over hosting account

Vulnerebility

Bleepingcomputer

8.8.20

Magento gets security updates for severe code execution bugs

Vulnerebility

Bleepingcomputer

8.8.20

Industrial VPN vulnerabilities put critical infrastructure at risk

Vulnerebility

Bleepingcomputer

7.8.20

Qualcomm Bugs Open 40 Percent of Android Handsets to Attack

Attack  Vulnerebility

Threatpost

7.8.20

Researchers flag two zero-days in Windows Print Spooler

Vulnerebility

Net-security

7.8.20

High-Severity Cisco DoS Flaw Plagues Small-Business Switches

Vulnerebility

Threatpost

7.8.20

August 2020 Patch Tuesday forecast: Planning for the end?

Vulnerebility

Net-security

6.8.20

Microsoft Teams Patch Bypass Allows RCE

Vulnerebility

Threatpost

5.8.20

Exclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine product

Vulnerebility

Securityaffairs

5.8.20

Security analysis of legacy programming environments reveals critical flaws

Vulnerebility

Net-security

4.8.20

Reminder: Patch Cisco ASA / FTD Devices (CVE-2020-3452). Exploitation Continues

Exploit  Vulnerebility

SANS

4.8.20

Meetup Critical Flaws Allow ‘Group’ Takeover, Payment Theft

Vulnerebility

Threatpost

4.8.20

Netgear Won’t Patch 45 Router Models Vulnerable to Serious Flaw

Vulnerebility

Threatpost

4.8.20

A critical flaw in wpDiscuz WordPress plugin lets hackers take over hosting account

Vulnerebility

Securityaffairs

4.8.20

Hackers Could Target Organizations via Flaws in Mitsubishi Factory Automation Products

Vulnerebility

Securityweek

4.8.20

Google Analysis of Zero-Days Exploited in 2019 Finds 'Detection Bias'

Vulnerebility

Securityweek

4.8.20

Meetup vulnerabilities enabled group takeovers, payment redirections

Vulnerebility

Net-security

1.8.20

4 Unpatched Bugs Plague Grandstream ATAs for VoIP Users

Vulnerebility

Threatpost

1.8.20

Updates provided by Red Hat for BootHole cause systems to hang

Vulnerebility

Securityaffairs

31.7.20

Cisco fixes critical and high-severity flaws in Data Center Network Manager

Vulnerebility

Securityaffairs

31.7.20

BootHole Patches Causing Many Systems to Become Unbootable

Vulnerebility

Securityweek

31.7.20

Red Hat's BootHole Patches Cause Systems to Hang

Vulnerebility

Securityweek

31.7.20

Cisco fixes critical flaws in data center and SD-WAN solutions

Vulnerebility

Net-security

31.7.20

Critical, High-Severity Cisco Flaws Fixed in Data Center Network Manager

Vulnerebility

Threatpost

31.7.20

Critical Security Flaw in WordPress Plugin Allows RCE

Vulnerebility

Threatpost

31.7.20

Billions of Devices Impacted by Secure Boot Bypass

Vulnerebility

Threatpost

31.7.20

Zoom Flaw Could Have Allowed Hackers To Crack Meeting Passcodes

Vulnerebility

Threatpost

31.7.20

Critical Magento Flaws Allow Code Execution

Vulnerebility

Threatpost

31.7.20

Critical Bugs in Utilities VPNs Could Cause Physical Damage

Vulnerebility

Threatpost

31.7.20

OkCupid Security Flaw Threatens Intimate Dater Details

Vulnerebility

Threatpost

31.7.20

Expert discloses details of 3 Tor zero-day flaws … new ones to come

Vulnerebility

Securityaffairs

31.7.20

Cisco Patches Serious Vulnerabilities in Data Center Network Manager

Vulnerebility

Securityweek

30.7.20

Vulnerability Allowed Brute-Forcing Passwords of Private Zoom Meetings

Vulnerebility

Securityweek

30.7.20

Companies Respond to 'BootHole' Vulnerability

Vulnerebility

Securityweek

30.7.20

Zoom Bug Allowed Snoopers Crack Private Meeting Passwords in Minutes

Vulnerebility

Thehackernews

30.7.20

Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems

Vulnerebility

Thehackernews

30.7.20

Bug in widely used bootloader opens Windows, Linux devices to persistent compromise

Vulnerebility

Net-security

29.7.20

Industrial VPN Flaws Could Let Attackers Target Critical Infrastructures

Vulnerebility

Thehackernews

29.7.20

Researchers Warn of High-Severity Dell PowerEdge Server Flaw

Vulnerebility

Threatpost

29.7.20

Researchers find critical RCE vulnerabilities in industrial VPN solutions

Vulnerebility

Net-security

28.7.20

Attackers Exploiting High-Severity Network Security Flaw, Cisco Warns

Exploit  Vulnerebility

Threatpost

26.7.20

Cisco patches ASA/FTD firewall flaw actively exploited by hackers

Vulnerebility

Bleepingcomputer

26.7.20

5 severe D-Link router vulnerabilities disclosed, patch now

Vulnerebility

Bleepingcomputer

26.7.20

D-Link addressed 5 flaws on some router models, some of them reached EoL

Vulnerebility

Securityaffairs

25.7.20

DJI Drone App Riddled With Privacy Issues, Researchers Allege

Vulnerebility

Threatpost

24.7.20

Vulnerability in Cisco Firewalls Exploited Shortly After Disclosure

Vulnerebility

Securityweek

24.7.20

Researchers Reveal New Security Flaw Affecting China's DJI Drones

Vulnerebility

Thehackernews

24.7.20

Cisco Network Security Flaw Leaks Sensitive Data

Vulnerebility

Threatpost

24.7.20

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Vulnerebility

Securityaffairs

23.7.20

Critical SharePoint flaw dissected, RCE details now available

Vulnerebility

Bleepingcomputer

23.7.20

Adobe Photoshop gets fixes for critical security vulnerabilities

Vulnerebility

Bleepingcomputer

23.7.20

PoC Released for Critical Vulnerability Exposing SharePoint Servers to Attacks

Vulnerebility

Securityweek

22.7.20

Citrix Workspace flaw can allow remote hack of devices running vulnerable app

Vulnerebility

Securityaffairs

22.7.20

Vulnerability Allows Remote Hacking of Devices Running Citrix Workspace App

Vulnerebility

Securityweek

22.7.20

Critical Adobe Photoshop Flaws Patched in Emergency Update

Vulnerebility

Threatpost

22.7.20

Adobe fixed critical code execution flaws in Bridge, Photoshop and Prelude products

Vulnerebility

Securityaffairs

22.7.20

Adobe Patches Critical Code Execution Flaws in Bridge, Photoshop, Prelude

Vulnerebility

Securityweek

22.7.20

A few IoCs related to CVE-2020-5092

Vulnerebility

SANS

21.7.20

Details and PoC for critical SharePoint RCE flaw released

Vulnerebility

Net-security

20.7.20

Critical SIGred Windows DNS bug gets micropatch after PoCs released

Vulnerebility

Bleepingcomputer

20.7.20

A flaw in Zoom’s Vanity URL feature could have been exploited in phishing attacks

Vulnerebility

Securityaffairs

19.7.20

Experts warn of massive internet scans for SAP systems affected by RECON Vulnerability

Vulnerebility

Securityaffairs

18.7.20

Federal agencies told to patch wormable Windows DNS bug in 24 hours

Vulnerebility

Bleepingcomputer

18.7.20

CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug

Vulnerebility

Threatpost

18.7.20

Thousands of Vulnerable F5 BIG-IP Users Still Open to Takeover

Vulnerebility

Threatpost

17.7.20

ExpressVPN Announces Bug Bounty Program on Bugcrowd

Vulnerebility

Securityweek

17.7.20

Internet Scanned for SAP Systems Affected by RECON Vulnerability

Vulnerebility

Securityweek

17.7.20

Zoom Addresses Vanity URL Zero-Day

Vulnerebility

Threatpost

17.7.20

Cisco patches critical flaws in VPN routers and firewalls

Vulnerebility

Net-security

16.7.20

Cisco fixes 5 critical flaws that could allow router firewall takeover

Vulnerebility

Securityaffairs

16.7.20

Critical Vulnerabilities Can Be Exploited to Hack Cisco Small Business Routers

Vulnerebility

Securityweek

16.7.20

A New Flaw In Zoom Could Have Let Fraudsters Mimic Organisations

Vulnerebility

Thehackernews

16.7.20

Citrix: No breach, hacker stole business info from third party

Vulnerebility

Bleepingcomputer

16.7.20

Cisco fixes critical pre-auth flaws allowing router takeover

Vulnerebility

Bleepingcomputer

16.7.20

Adobe fixes critical bugs in Creative Cloud, Media Encoder

Vulnerebility

Bleepingcomputer

16.7.20

Critical SAP Recon flaw exposes thousands of customers to attacks

Vulnerebility

Bleepingcomputer

16.7.20

Several High-Profile Accounts Hacked in the Biggest Twitter Hack of All Time

Vulnerebility

Thehackernews

15.7.20

Chrome 84 Brings 38 Security Patches, Resumes CSRF Protection Rollout

Vulnerebility

Securityweek

15.7.20

Vulnerabilities Impact Multiple Rittal Products Due to Use of Same Firmware

Vulnerebility

Securityweek

15.7.20

Cisco Investigating Report of Vulnerability Found in Counterfeit Switches

Vulnerebility

Securityweek

15.7.20

Oracle's July 2020 CPU Includes 443 New Patches

Vulnerebility

Securityweek

15.7.20

Critical, Wormable Bug in Windows DNS Servers Could Allow Full Infrastructure Compromise

Vulnerebility

Securityweek

15.7.20

Investigation highlights the dangers of using counterfeit Cisco switches

Vulnerebility

Net-security

15.7.20

PATCH NOW - SIGRed - CVE-2020-1350 - Microsoft DNS Server Vulnerability

Vulnerebility

SANS

15.7.20

Critical SAP Bug Allows Full Enterprise System Takeover

Vulnerebility

Threatpost

15.7.20

Microsoft Tackles 123 Fixes for July Patch Tuesday

Vulnerebility

Threatpost

15.7.20

Adobe Discloses Critical Code-Execution Bugs in July Update

Vulnerebility

Threatpost

15.7.20

Critical DNS Bug Opens Windows Servers to Infrastructure Hijacking

Vulnerebility

Threatpost

15.7.20

Microsoft July 2020 Security Updates address 123 vulnerabilities

Vulnerebility

Securityaffairs

15.7.20

Microsoft fixes critical wormable RCE SigRed in Windows DNS servers

Vulnerebility

Securityaffairs

15.7.20

Adobe fixes over a dozen flaws in Media Encoder, Download Manager

Vulnerebility

Securityaffairs

15.7.20

Critical, Wormable Bug in Windows DNS Servers Could Allow Full Infrastructure Compromise

Vulnerebility

Securityaffairs

15.7.20

SAP Releases 10 Security Notes on July 2020 Patch Day

Vulnerebility

Securityweek

15.7.20

Microsoft Patches 123 Vulnerabilities With July 2020 Security Updates

Vulnerebility

Securityweek

15.7.20

Adobe Patches Critical Vulnerabilities in Media Encoder, Download Manager

Vulnerebility

Securityweek

15.7.20

17-Year-Old Critical 'Wormable' RCE Vulnerability Impacts Windows DNS Servers

Vulnerebility

Thehackernews

15.7.20

Adobe Issues July 2020 Critical Security Patches for Multiple Software

Vulnerebility

Thehackernews

15.7.20

July 2020 Patch Tuesday: Microsoft plugs wormable Windows DNS Server RCE flaw

Vulnerebility

Net-security

15.7.20

Critical flaw gives attackers control of vulnerable SAP business applications

Vulnerebility

Net-security

14.7.20

Critical SAP Recon vulnerability exposes thousands of system to full take over

Vulnerebility

Securityaffairs

14.7.20

'RECON' Vulnerability Exposes Thousands of SAP Systems to Attacks

Vulnerebility

Securityweek

14.7.20

Critical SAP Bug Allows Full Enterprise System Takeover

Vulnerebility

Threatpost

14.7.20

New Highly-Critical SAP Bug Could Let Attackers Take Over Corporate Servers

Vulnerebility

Thehackernews

12.7.20

Zoom fixes zero-day RCE bug affecting Windows 7, more updates soon

Vulnerebility

Bleepingcomputer

12.7.20

Palo Alto Networks fixes another severe flaw in PAN-OS devices

Vulnerebility

Bleepingcomputer

12.7.20

Mitigating critical F5 BIG-IP RCE flaw not enough, bypass found

Vulnerebility

Bleepingcomputer

12.7.20

Citrix fixes 11 flaws in ADC, Gateway, and SD-WAN WANOP appliances

Vulnerebility

Bleepingcomputer

12.7.20

US Cyber Command urges F5 customers to patch critical BIG-IP flaw

Vulnerebility

Bleepingcomputer

12.7.20

Mozilla rolls out emergency Firefox update to fix search issues

Vulnerebility

Bleepingcomputer

11.7.20

Zoom Working on Patch for Code Execution Vulnerability in Windows Client

Vulnerebility

Securityweek

11.7.20

Hackers are scanning the web for vulnerable Citrix systems

Vulnerebility

Securityaffairs

11.7.20

Juniper Networks addressed many issues in its products

Vulnerebility

Securityaffairs

11.7.20

Report: Most Popular Home Routers Have ‘Critical’ Flaws

Vulnerebility

Threatpost

11.7.20

Popular TP-Link Family of Kasa Security Cams Vulnerable to Attack

Vulnerebility

Threatpost

10.7.20

KingComposer fixes a reflected XSS impacting 100,000 WordPress sites

Vulnerebility

Securityaffairs

10.7.20

Juniper Networks Patches Critical Vulnerabilities in Firewalls

Vulnerebility

Securityweek

10.7.20

Hackers Scanning for Citrix Systems Affected by Recent Vulnerabilities

Vulnerebility

Securityweek

10.7.20

Unpatched Critical Flaw Disclosed in Zoom Software for Windows 7

Vulnerebility

Thehackernews

10.7.20

Attackers are probing Citrix controllers and gateways through recently patched flaws

Vulnerebility

Net-security

10.7.20

Zoom Zero-Day Allows RCE, Patch on the Way

Vulnerebility

Threatpost

10.7.20

Zoom is working on a patch for a zero-day in Windows client

Vulnerebility

Securityaffairs

10.7.20

Palo Alto Networks addresses another high severity issue in PAN-OS devices

Vulnerebility

Securityaffairs

10.7.20

Google Tsunami vulnerability scanner is now open-source

Vulnerebility

Securityaffairs

10.7.20

Vulnerabilities in Popular Open Source Management Tool Expose Hospitals to Attacks

Vulnerebility

Securityweek

10.7.20

July 2020 Patch Tuesday forecast: Will the CVE trend continue?

Vulnerebility

Net-security

10.7.20

Zoom zero-day flaw allows code execution on victim’s Windows machine

Vulnerebility

Net-security

8.7.20

Threat actors found a way to bypass mitigation F5 BIG-IP CVE-2020-5902 flaw

Vulnerebility

Securityaffairs

8.7.20

Hackers Find Way to Bypass Mitigation for Exploited BIG-IP Vulnerability

Vulnerebility

Securityweek

8.7.20

Citrix Bugs Allow Unauthenticated Code Injection, Data Theft

Vulnerebility

Threatpost

8.7.20

Citrix Patches 11 Vulnerabilities in Networking Products

Vulnerebility

Securityweek

8.7.20

Citrix Issues Critical Patches for 11 New Flaws Affecting Multiple Products

Vulnerebility

Thehackernews

7.7.20

BIG-IP Vulnerability Exploited to Deliver DDoS Malware

Exploit  Virus  Vulnerebility

Securityweek

7.7.20

Summary of CVE-2020-5902 F5 BIG-IP RCE Vulnerability Exploits

Exploit  Vulnerebility

SANS

6.7.20

Hackers Start Exploiting Recently Patched BIG-IP Vulnerability

Exploit  Vulnerebility

Securityweek

6.7.20

CVE-2020-5902 F5 BIG-IP Exploitation Attempt

Vulnerebility

SANS

5.7.20

Critical RCE Flaw (CVSS 10) Affects F5 BIG-IP Application Security Servers

Vulnerebility

Thehackernews

4.7.20

Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking

Vulnerebility

Thehackernews

4.7.20

Microsoft Releases Urgent Windows Update to Patch Two Critical Flaws

Vulnerebility

Thehackernews

4.7.20

Apache Guacamole Vulnerabilities Facilitate Attacks on Enterprises

Vulnerebility

Securityweek

4.7.20

Cisco Discloses Details of Chrome, Firefox Vulnerabilities

Vulnerebility

Securityweek

4.7.20

Cisco addresses flaws in Small Business Routers and Switches

Vulnerebility

Securityaffairs

4.7.20

Critical Apache Guacamole flaws expose organizations at risk of hack

Vulnerebility

Securityaffairs

4.7.20

Netgear is releasing fixes for ten issues affecting 79 products

Vulnerebility

Securityaffairs

4.7.20

Microsoft releases emergency security updates to fix Windows codecs

Vulnerebility

Securityaffairs

4.7.20

Serious Vulnerabilities in F5's BIG-IP Allow Full System Compromise

Vulnerebility

Securityweek

4.7.20

Cisco Patches Vulnerabilities in Small Business Routers, Switches

Vulnerebility

Securityweek

6.20

Microsoft Releases June 2020 Security Patches For 129 Vulnerabilities

Vulnerebility

Thehackernews

6.20

Critical Bugs and Backdoor Found in GeoVision's Fingerprint and Card Scanners

Vulnerebility

Thehackernews

6.20

New Ripple20 Flaws Put Billions of Internet-Connected Devices at Risk of Hacking

Vulnerebility

Thehackernews

6.20

Oracle E-Business Suite Flaws Let Hackers Hijack Business Operations

Vulnerebility

Thehackernews

6.20

Two Critical Flaws in Zoom Could've Let Attackers Hack Systems via Chat

Vulnerebility

Thehackernews

6.20

Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers

Vulnerebility

Thehackernews

6.20

Critical VMware Cloud Director Flaw Lets Hackers Take Over Corporate Servers

Vulnerebility

Thehackernews

29.5.20

Cisco Servers Hacked via Salt Vulnerabilities

Vulnerebility

Securityweek

29.5.20

Hackers breached six Cisco servers through SaltStack Salt vulnerabilities

Vulnerebility

Net-security

29.5.20

Hackers Compromise Cisco Servers Via SaltStack Flaws

Vulnerebility

Threatpost

29.5.20

Google Adds GKE Open-Source Dependencies to Vulnerability Rewards Program

Vulnerebility

Securityweek

29.5.20

Despite lower number of vulnerability disclosures, security teams have their work cut out for them

Vulnerebility

Net-security

28.5.20

Flashback on CVE-2019-1978

Vulnerebility

SANS

28.5.20

New fuzzing tool for USB drivers uncovers bugs in Linux, macOS, Windows

Vulnerebility

Net-security

28.5.20

Computer science student discovers privacy flaws in security and doorbell cameras

Vulnerebility

Net-security

26.5.20

Bugs in open-source libraries impact 70% of modern software

Vulnerebility

Securityaffairs

26.5.20

Cisco fixed a critical issue in the Unified Contact Center Express

Vulnerebility

Securityaffairs

24.5.20

Docker fixes Windows client bug letting programs run as SYSTEM

Vulnerebility

Bleepingcomputer

23.5.20

Adobe releases critical out-of-band security update

Vulnerebility

Bleepingcomputer

23.5.20

Experts found a Privilege escalation issue in Docker Desktop for Windows

Vulnerebility

Securityaffairs

22.5.20

Cisco fixes critical RCE flaw in call center solution

Vulnerebility

Net-security

22.5.20

Critical Cisco Bug in Unified CCX Allows Remote Code Execution

Vulnerebility

Threatpost

22.5.20

Cisco Patches Critical Vulnerability in Contact Center Software

Vulnerebility

Securityweek

21.5.20

XSS, Open Redirect Vulnerabilities Patched in Drupal

Vulnerebility

Securityweek

21.5.20

VMware fixes CVE-2020-3956 Remote Code Execution issue in Cloud Director

Vulnerebility

Securityaffairs

21.5.20

Adobe fixed several memory corruption issues in some of its products

Vulnerebility

Securityaffairs

21.5.20

Vulnerabilities Exposed Hundreds of Thousands of QNAP NAS Devices to Attacks

Vulnerebility

Securityweek

21.5.20

Remote Code Execution Vulnerability Patched in VMware Cloud Director

Vulnerebility

Securityweek

20.5.20

Researchers disclose five Microsoft Windows zero-days

Vulnerebility

Securityaffairs

20.5.20

Three flaws in Nitro Pro PDF reader expose businesses to hack

Vulnerebility

Securityaffairs

20.5.20

Researcher Finds Memory Corruption Vulnerabilities in Several Adobe Products

Vulnerebility

Securityweek

20.5.20

Adobe Patches Critical RCE Flaw in Character Animator App

Vulnerebility

Threatpost

20.5.20

Nitro Pro Vulnerabilities Expose Many Enterprises to Attacks

Vulnerebility

Securityweek

20.5.20

Researchers Divulge Details on Five Windows Zero Days

Vulnerebility

Securityweek

20.5.20

Bluetooth Vulnerability Allows Attackers to Impersonate Previously Paired Devices

Vulnerebility

Securityweek

19.5.20

New Bluetooth Vulnerability Exposes Billions of Devices to Hackers

Vulnerebility

Securityweek

18.5.20

Stored XSS in WP Product Review Lite plugin allows for automated takeovers

Vulnerebility

Securityaffairs

18.5.20

Hackers Can Inject Code Into WordPress Sites via Flaw in Product Review Plugin

Vulnerebility

Securityweek

17.5.20

Scanning for Outlook Web Access (OWA) & Microsoft Exchange Control Panel (ECP)

Vulnerebility

Net-security

17.5.20

Critical WordPress plugin bug allows for automated takeovers

Vulnerebility

Bleepingcomputer

17.5.20

SAP May 2020 Security Patch Day delivers critical updates

Vulnerebility

Bleepingcomputer

16.5.20

Adobe fixes critical vulnerabilities in Acrobat, Reader, and DNG SDK

Vulnerebility

Bleepingcomputer

15.5.20

New Thunderbolt security flaws affect systems shipped before 2019

Vulnerebility

Bleepingcomputer

15.5.20

Vulnerabilities in SoftPAC Virtual Controller Expose OT Networks to Attacks

Vulnerebility

Securityweek

15.5.20

Patch Tuesday Revisited - CVE-2020-1048 isn't as "Medium" as MS Would Have You Believe

Vulnerebility

SANS

14.5.20

Flaw in WordPress Plugin Grants Access to Google Search Console

Vulnerebility

Securityweek

14.5.20

Improper Microsoft Patch for Reverse RDP Attacks Leaves 3rd-Party RDP Clients Vulnerable

Vulnerebility

Thehackernews

14.5.20

Fear the PrintDemon? Upgrade Windows to patch easily exploited flaw

Vulnerebility

Net-security

13.5.20

Microsoft May 2020 Patch Tuesday fixes 111 flaws, 13 Critical

Vulnerebility

Securityaffairs

13.5.20

Adobe addresses critical issues in Acrobat, Reader, and DNG SDK

Vulnerebility

Securityaffairs

13.5.20

SAP's May 2020 Security Updates Include Six Critical Patches

Vulnerebility

Securityweek

13.5.20

Microsoft's May 2020 Security Updates Patch 111 Vulnerabilities

Vulnerebility

Securityweek

13.5.20

Adobe Patches 36 Vulnerabilities in Acrobat, DNG SDK

Vulnerebility

Securityweek

13.5.20

Vulnerabilities in 'Page Builder' Plugin Expose 1 Million WordPress Websites

Vulnerebility

Securityweek

13.5.20

Have you patched these top 10 routinely exploited vulnerabilities?

Vulnerebility

Net-security

12.5.20

Popular Page Builder WordPress plugin fixes critical issues. Update it now!

Vulnerebility

Securityaffairs

12.5.20

Patch now your vBulletin install before hacker will target your forum

Vulnerebility

Securityaffairs

12.5.20

Unpatched Bugs in Oracle iPlanet Open Door to Info-Disclosure, Injection

Vulnerebility

Threatpost

12.5.20

An Undisclosed Critical Vulnerability Affect vBulletin Forums — Patch Now

Vulnerebility

Thehackernews

11.5.20

VMware is going to fix recent Salt issues in vROps

Vulnerebility

Securityaffairs

11.5.20

Experts disclose security flaws in Oracle’s iPlanet Web Server

Vulnerebility

Securityaffairs

11.5.20

VMware to Patch Recent Salt Vulnerabilities in vROps

Vulnerebility

Securityweek

11.5.20

Thunderspy: More Thunderbolt Flaws Expose Millions of Computers to Attacks

Vulnerebility

Securityweek

11.5.20

7 New Flaws Affect All Thunderbolt-equipped Computers Sold in the Last 9 Years

Vulnerebility

Thehackernews

11.5.20

vBulletin fixes critical vulnerability, patch immediately!

Vulnerebility

Net-security

11.5.20

FIRST releases updated coordination principles for Multi-Party Vulnerability Coordination and Disclosure

Vulnerebility

Net-security

10.5.20

Critical Citrix ShareFile bugs could give access to private files

Vulnerebility

Bleepingcomputer

8.5.20

GitHub Code Scanning aims to prevent vulnerabilities in open source software

Vulnerebility

Net-security

8.5.20

Cisco fixes High Severity issues in ASA and FTD products

Vulnerebility

Securityaffairs

8.5.20

Elementor Plugin Vulnerabilities Exploited to Hack WordPress Sites

Vulnerebility

Securityweek

8.5.20

Cisco Fixes High-Severity Flaws In Firepower Security Software, ASA

Vulnerebility

Threatpost

8.5.20

Samsung Patches Critical 0-Click Vulnerability in Smartphones

Vulnerebility

Securityweek

8.5.20

Cisco Patches High Severity Vulnerabilities in Security Products

Vulnerebility

Securityweek

8.5.20

Critical Flaw in CODESYS Industrial Controller Software Allows Code Execution

Vulnerebility

Securityweek

7.5.20

Nearly 1 Million WordPress Sites Targeted via Old Vulnerabilities

Vulnerebility

Securityweek

7.5.20

New GitHub Features Help Find Vulnerabilities and Secrets in Code

Vulnerebility

Securityweek

7.5.20

Firefox 76 Brings Security Patches, Breached Password Alerts

Vulnerebility

Securityweek

7.5.20

Software vulnerabilities sometimes first announced on social media

Vulnerebility

Net-security

6.5.20

9% of SAP’s 440,000 customers impacted by security bugs in some cloud products

Vulnerebility

Securityaffairs

6.5.20

Citrix ShareFile Vulnerabilities Expose User Files

Vulnerebility

Securityweek

6.5.20

SAP Alerts Customers of Vulnerabilities in Cloud Products

Vulnerebility

Securityweek

6.5.20

Microsoft Offering Up to $100,000 for Vulnerabilities in Azure Sphere

Vulnerebility

Securityweek

5.5.20

Expert released PoC exploit for CVE-2020-1967 DoS flaw in OpenSSL

Exploit  Vulnerebility

Securityaffairs

5.5.20

PoC Exploit Released for DoS Vulnerability in OpenSSL

Exploit  Vulnerebility

Securityweek

4.5.20

Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked

Vulnerebility

Securityaffairs

4.5.20

LineageOS servers hacked, attackers exploited unpatched Salt issues

Vulnerebility

Securityaffairs

4.5.20

TP-Link Patches Multiple Vulnerabilities in NC Cloud Cameras

Vulnerebility

Securityweek

4.5.20

Flaws in Ninja Forms, LearnPress Plugins Exposed WordPress Sites to Attacks

Vulnerebility

Securityweek

4.5.20

Recent Salt Vulnerabilities Exploited to Hack LineageOS, Ghost, DigiCert Servers

Vulnerebility

Securityweek

4.5.20

Hackers Breach LineageOS, Ghost, DigiCert Servers Using SaltStack Vulnerability

Vulnerebility

Thehackernews

3.5.20

Ninja Forms WordPress plugin patch prevents takeover of 1M sites

Vulnerebility

Bleepingcomputer

3.5.20

Bugs in WordPress plugins for online courses let students cheat

Vulnerebility

Bleepingcomputer

2.5.20

Adobe fixes critical vulnerabilities in Magento and Illustrator

Vulnerebility

Bleepingcomputer

2.5.20

WordPress plugin bug lets hackers create rogue admin accounts

Vulnerebility

Bleepingcomputer

2.5.20

Microsoft Teams patched against image-based account takeover

Vulnerebility

Bleepingcomputer

2.5.20

Hackers exploit zero-day in Sophos XG Firewall, fix released

Exploit  Vulnerebility

Bleepingcomputer

2.5.20

Hackers are targeting recently patched WebLogic security vulnerability

Vulnerebility

Securityaffairs

2.5.20

Oracle Says Hackers Targeting Recently Patched Vulnerabilities

Vulnerebility

Securityweek

1.5.20

Over 800K WordPress sites are at risk due to a flaw in Ninja Forms plugin

Vulnerebility

Securityaffairs

1.5.20

Several Vulnerabilities Patched With Release of WordPress 5.4.1

Vulnerebility

Securityweek

1.5.20

Critical SaltStack RCE Bug (CVSS Score 10) Affects Thousands of Data Centers

Vulnerebility

Thehackernews

1.5.20

Critical WordPress e-Learning Plugin Bugs Open Door to Cheating

Vulnerebility

Threatpost

1.5.20

Experts found critical flaws in 3 popular e-Learning WordPress Plugins

Vulnerebility

Securityaffairs

30.4.20

Critical Vulnerability in Salt Requires Immediate Patching

Vulnerebility

Securityweek

30.4.20

Critical Bugs Found in 3 Popular e-Learning Plugins for WordPress Sites

Vulnerebility

Thehackernews

30.4.20

High-Severity Cisco IOS XE Flaw Threatens SD-WAN Routers

Vulnerebility

Threatpost

30.4.20

Researcher Earns $20,000 From GitLab for Critical Vulnerability

Vulnerebility

Securityweek

29.4.20

Adobe addresses several critical flaws in Illustrator, Bridge, and Magento

Vulnerebility

Securityaffairs

29.4.20

Microsoft, Google Announce Wider Availability of Secure VMs

Vulnerebility

Securityweek

29.4.20

Six Critical Vulnerabilities Patched in Magento

Vulnerebility

Securityweek

29.4.20

Adobe fixes critical flaws in Magento, Adobe Illustrator and Bridge

Vulnerebility

Net-security

29.4.20

WordPress Plugin Bug Opens 100K Websites to Compromise

Vulnerebility

Threatpost

29.4.20

Critical Adobe Illustrator, Bridge and Magento Flaws Patched

Vulnerebility

Threatpost

29.4.20

Adobe Patches 22 Vulnerabilities in Bridge, Illustrator

Vulnerebility

Securityweek

29.4.20

Critical Security Patches Released for Magento, Adobe Illustrator and Bridge

Vulnerebility

Thehackernews

28.4.20

Code Injection Vulnerability Found in 'Real-Time Find and Replace' WordPress Plugin

Vulnerebility

Securityweek

28.4.20

Hackers Mount Zero-Day Attacks on Sophos Firewalls

Vulnerebility

Threatpost

28.4.20

Critical Ignition Gateway Vulnerability Can Lead to Disruption in Plants

Vulnerebility

Securityweek

27.4.20

Microsoft Teams Vulnerability Exposed Organizations to Attacks

Attack  Vulnerebility

Securityweek

27.4.20

Attackers exploiting a zero-day in Sophos firewalls, have yours been hit?

Vulnerebility

Net-security

27.4.20

Malware Delivered to Sophos Firewalls via Zero-Day Vulnerability

Virus  Vulnerebility

Securityweek

25.4.20

Researcher discloses four IBM zero-days after refusal to fix

Vulnerebility

Bleepingcomputer

25.4.20

Flaws in ABB DCS Allow Hackers to Cause Disruption in Industrial Environments

Vulnerebility

Securityweek

24.4.20

Mozilla offers bigger rewards for Firefox flaws under its bug bounty program

Vulnerebility

Securityaffairs

24.4.20

Mozilla Offers Bigger Rewards for Firefox Vulnerabilities

Vulnerebility

Securityweek

23.4.20

Microsoft Issues Out-Of-Band Security Update For Office, Paint 3D

Vulnerebility

Threatpost

23.4.20

Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug

BotNet  Exploit  Vulnerebility

Threatpost

23.4.20

Microsoft Out-of-Band Advisory Addresses Autodesk FBX Vulnerabilities

Vulnerebility

Securityweek

22.4.20

Flaw Could Have Allowed Hackers to Identify All Zoom Users in a Company

Vulnerebility

Securityweek

22.4.20

Update MS Office, Paint 3D to plug RCE vulnerabilities

Vulnerebility

Net-security

22.4.20

Multiple vulnerabilities discovered in smart home devices

Vulnerebility

Net-security

22.4.20

OpenSSL Project fixed high-severity CVE-2020-1967 DoS issue in OpenSSL

Vulnerebility

Securityaffairs

22.4.20

IBM Tells Researcher It Will Not Patch Serious Data Risk Manager Flaws

Vulnerebility

Securityweek

21.4.20

Expert discloses 4 zero-days in IBM Data Risk Manager

Vulnerebility

Securityaffairs

21.4.20

High-Severity Vulnerability in OpenSSL Allows DoS Attacks

Vulnerebility

Securityweek

21.4.20

Microsoft Will Not Patch Security Bypass Flaw Abusing MSTSC

Vulnerebility

Securityweek

21.4.20

Researcher Discloses 4 Zero-Day Bugs in IBM's Enterprise Security Software

Vulnerebility

Thehackernews

21.4.20

Unpatchable 'Starbleed' Bug in FPGA Chips Exposes Critical Devices to Hackers

Vulnerebility

Thehackernews

29.4.20

Six Critical Vulnerabilities Patched in Magento

Vulnerebility

Securityweek

29.4.20

Adobe fixes critical flaws in Magento, Adobe Illustrator and Bridge

Vulnerebility

Net-security

29.4.20

WordPress Plugin Bug Opens 100K Websites to Compromise

Vulnerebility

Threatpost

29.4.20

Critical Adobe Illustrator, Bridge and Magento Flaws Patched

Vulnerebility

Threatpost

29.4.20

Adobe Patches 22 Vulnerabilities in Bridge, Illustrator

Vulnerebility

Securityweek

29.4.20

Critical Security Patches Released for Magento, Adobe Illustrator and Bridge

Vulnerebility

Thehackernews

28.4.20

Code Injection Vulnerability Found in 'Real-Time Find and Replace' WordPress Plugin

Vulnerebility

Securityweek

28.4.20

Hackers Mount Zero-Day Attacks on Sophos Firewalls

Vulnerebility

Threatpost

28.4.20

Critical Ignition Gateway Vulnerability Can Lead to Disruption in Plants

Vulnerebility

Securityweek

27.4.20

Microsoft Teams Vulnerability Exposed Organizations to Attacks

Attack  Vulnerebility

Securityweek

27.4.20

Attackers exploiting a zero-day in Sophos firewalls, have yours been hit?

Vulnerebility

Net-security

27.4.20

Malware Delivered to Sophos Firewalls via Zero-Day Vulnerability

Virus  Vulnerebility

Securityweek

25.4.20

Researcher discloses four IBM zero-days after refusal to fix

Vulnerebility

Bleepingcomputer

25.4.20

Flaws in ABB DCS Allow Hackers to Cause Disruption in Industrial Environments

Vulnerebility

Securityweek

24.4.20

Mozilla offers bigger rewards for Firefox flaws under its bug bounty program

Vulnerebility

Securityaffairs

24.4.20

Mozilla Offers Bigger Rewards for Firefox Vulnerabilities

Vulnerebility

Securityweek

23.4.20

Microsoft Issues Out-Of-Band Security Update For Office, Paint 3D

Vulnerebility

Threatpost

23.4.20

Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug

BotNet  Exploit  Vulnerebility

Threatpost

23.4.20

Microsoft Out-of-Band Advisory Addresses Autodesk FBX Vulnerabilities

Vulnerebility

Securityweek

22.4.20

Flaw Could Have Allowed Hackers to Identify All Zoom Users in a Company

Vulnerebility

Securityweek

22.4.20

Update MS Office, Paint 3D to plug RCE vulnerabilities

Vulnerebility

Net-security

22.4.20

Multiple vulnerabilities discovered in smart home devices

Vulnerebility

Net-security

22.4.20

OpenSSL Project fixed high-severity CVE-2020-1967 DoS issue in OpenSSL

Vulnerebility

Securityaffairs

22.4.20

IBM Tells Researcher It Will Not Patch Serious Data Risk Manager Flaws

Vulnerebility

Securityweek

21.4.20

Expert discloses 4 zero-days in IBM Data Risk Manager

Vulnerebility

Securityaffairs

21.4.20

High-Severity Vulnerability in OpenSSL Allows DoS Attacks

Vulnerebility

Securityweek

21.4.20

Microsoft Will Not Patch Security Bypass Flaw Abusing MSTSC

Vulnerebility

Securityweek

21.4.20

Researcher Discloses 4 Zero-Day Bugs in IBM's Enterprise Security Software

Vulnerebility

Thehackernews

21.4.20

Unpatchable 'Starbleed' Bug in FPGA Chips Exposes Critical Devices to Hackers

Vulnerebility

Thehackernews

21.4.20

Foxit PDF Reader, PhantomPDF Open to Remote Code Execution

Vulnerebility

Threatpost

20.4.20

Patching Pulse Secure VPN Not Enough to Keep Attackers Out, CISA Warns

Vulnerebility

Securityweek

20.4.20

Starbleed vulnerability: Attackers can gain control over FPGAs

Vulnerebility

Net-security

18.4.20

Intel April Platform Update fixes high severity security issues

Vulnerebility

Bleepingcomputer

18.4.20

Experts shed the light on the mysterious critical VMware vCenter Server issue

Vulnerebility

Securityaffairs

18.4.20

Cisco addresses critical issues in IP Phones and UCS Director

Vulnerebility

Securityaffairs

18.4.20

Several Botnets Using Zero-Day Vulnerability to Target Fiber Routers

BotNet  Vulnerebility

Securityweek

17.4.20

GitHub Shares Details on Six Chrome Vulnerabilities

Vulnerebility

Securityweek

17.4.20

CISA Warns Patched Pulse Secure VPNs Could Still Expose Organizations to Hackers

Vulnerebility

Thehackernews

17.4.20

Cisco Patches Critical Flaws in IP Phones, UCS Director

Vulnerebility

Securityweek

17.4.20

Details Released for Flaw Allowing Full Control Over VMware Deployments

Vulnerebility

Securityweek

17.4.20

Using Cisco IP phones? Fix these critical vulnerabilities

Vulnerebility

Net-security

16.4.20

Intel Fixes High-Severity Flaws in NUC, Discontinues Buggy Compute Module

Vulnerebility

Threatpost

16.4.20

SAP's April 2020 Security Updates Patch Five Critical Vulnerabilities

Vulnerebility

Securityweek

15.4.20

Oracle's April 2020 Critical Patch Update Brings 397 Security Fixes

Vulnerebility

Securityweek

15.4.20

Microsoft addresses three Windows issues actively exploited

Exploit  Vulnerebility

Securityaffairs

15.4.20

Adobe addresses five issues in ColdFusion, After Effects, Digital Editions

Vulnerebility

Securityaffairs

15.4.20

Windows Vulnerabilities Exploited for Code Execution, Privilege Escalation

Vulnerebility

Securityweek

15.4.20

Adobe Patches Flaws in ColdFusion, After Effects, Digital Editions

Vulnerebility

Securityweek

15.4.20

April 2020 Patch Tuesday: Microsoft fixes four actively exploited vulnerabilities

Vulnerebility

Net-security

14.4.20

Fingerprint-Exposing Flaw in OnePlus 7 Phone Highlights TEE Issues

Vulnerebility

Securityweek

14.4.20

Oracle Tackles a Massive 405 Bugs for Its April Quarterly Patch Update

Vulnerebility

Threatpost

12.4.20

VMWare releases fix for critical vCenter Server vulnerability

Vulnerebility

Bleepingcomputer

11.4.20

80% of all exposed Exchange servers still unpatched for critical flaw

Vulnerebility

Bleepingcomputer

11.4.20

Critical Vuln in vCenter vmdir (CVE-2020-3952)

Vulnerebility

SANS

11.4.20

Critical VMware Bug Opens Up Corporate Treasure to Hackers

Vulnerebility

Threatpost

10.4.20

CVE2020-3952 flaw could allow attackers to hack VMware vCenter Server

Vulnerebility

Securityaffairs

10.4.20

Hackers Can Compromise VMware vCenter Server Via Newly Patched Flaw

Vulnerebility

Securityweek

10.4.20

Botnet Targets Critical Vulnerability in Grandstream Appliance

BotNet  Vulnerebility

Securityweek

10.4.20

April 2020 Patch Tuesday forecast: Uncertainty reigns, but patching endures through pandemic

Vulnerebility

Net-security

10.4.20

Google and Mozilla address serious flaws in Firefox and Chrome browsers

Vulnerebility

Securityaffairs

9.4.20

Serious Vulnerabilities Patched in Chrome, Firefox

Vulnerebility

Net-security

9.4.20

‘Fake Fingerprints’ Bypass Scanners with 3D Printing

Vulnerebility

Threatpost

8.4.20

Cisco Research Shows High Success Rate in Bypassing Fingerprint Authentication

Vulnerebility

Securityweek

8.4.20

Serious Exchange Flaw Still Plagues 350K Servers

Vulnerebility

Threatpost

8.4.20

Increase in Exploited Zero-Days Shows Broader Access to Vulnerabilities

Vulnerebility

Securityweek

7.4.20

Google Patches Critical RCE Vulnerabilities in Android's System Component

Vulnerebility

Securityweek

7.4.20

Full-time bug hunting: Pros and cons of an emerging career

Vulnerebility

Net-security

7.4.20

A Brisk Private Trade in Zero-Days Widens Their Use

Vulnerebility

Threatpost

7.4.20

Pre-Installed Utility Renders HP Computers Vulnerable to Attacks

Attack  Vulnerebility

Securityweek

7.4.20

Qualys VMDR: Discover, prioritize, and patch critical vulnerabilities in real time

Vulnerebility

Net-security

6.4.20

Two critical Firefox vulnerabilities exploited by attackers, patch now!

Exploit  Vulnerebility

Net-security

5.4.20

Windows PCs Exposed to Attacks by Critical HP Support Assistant Bugs

Vulnerebility

Bleepingcomputer

4.4.20

Critical WordPress Plugin Bug Lets Hackers Turn Users Into Admins

Vulnerebility

Bleepingcomputer

3.4.20

Unpatched Flaw in Discontinued Plugin Exposes WordPress Sites to Attacks

Vulnerebility

Securityweek

3.4.20

M Digital Wallet Items Exposed in Key Ring Cloud Misconfig

Vulnerebility

Threatpost

3.4.20

Google Squashes High-Severity Flaws in Chrome Browser

Vulnerebility

Threatpost

3.4.20

Researcher Finds New Class of Windows Vulnerabilities

Vulnerebility

Securityweek

2.4.20

Zoom Vulnerabilities Expose Users to Spying, Other Attacks

Vulnerebility

Securityweek

2.4.20

Two Zoom Zero-Day Flaws Uncovered

Vulnerebility

Threatpost

2.4.20

Critical WordPress Plugin Bug Can Lock Admins Out of Websites

Vulnerebility

Threatpost

2.4.20

Patch Released for Linux Kernel Vulnerability Disclosed at Hacking Contest

Vulnerebility

Securityweek

2.4.20

Unpatched Zoom App Bug Lets Hackers Steal Your Windows Password

Vulnerebility

Thehackernews

2.4.20

Large number of mobile apps may be vulnerable to hacking

Hacking  Mobil  Vulnerebility

Net-security

1.4.20

Experts published PoC exploits for CVE-2020-0796 privilege escalation flaw on Windows

Exploit  Vulnerebility

Securityaffairs

1.4.20

Critical Flaw in SEO Plugin Exposed Many WordPress Sites to Attacks

Vulnerebility

Securityweek

1.4.20

SMBGhost Vulnerability Allows Privilege Escalation on Windows Systems

Vulnerebility

Securityweek

1.4.20

A critical flaw in Rank Math WordPress plugin allows hackers to give users Admins privileges

Vulnerebility

Securityaffairs

31.3.20

Vulnerabilities Expose Lexus, Toyota Cars to Hacker Attacks

Vulnerebility

Securityweek

30.3.20

Vulnerabilities in DrayTek Enterprise Routers Exploited in Attacks

Vulnerebility

Securityweek

30.3.20

Debunking vulnerability management myths for a safer enterprise

Vulnerebility

Net-security

29.3.20

Hackers target zero-day flaws in enterprise Draytek network devices

Vulnerebility

Securityaffairs

29.3.20

HPE Warns of New Bug That Kills SSD Drives After 40,000 Hours

Vulnerebility

Bleepingcomputer

29.3.20

Tor Browser 9.0.7 Patches Bug That Could Deanonymize Users

Vulnerebility

Bleepingcomputer

28.3.20

Adobe Fixes Critical Vulnerability in Creative Cloud Application

Vulnerebility

Bleepingcomputer

27.3.20

Critical CODESYS Bug Allows Remote Code Execution

Vulnerebility

Threatpost

26.3.20

Remote Code Execution Vulnerability Patched in OpenWrt

Vulnerebility

Securityweek

26.3.20

Organizations struggle with patching endpoints against critical vulnerabilities

Vulnerebility

Net-security

25.3.20

Password vulnerability at Fortune 1000 companies

Vulnerebility

Net-security

25.3.20

Tor Browser 9.0.7 addresses a flaw that could allow unmasking Tor users

Vulnerebility

Securityaffairs

25.3.20

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

Vulnerebility

Securityaffairs

25.3.20

Critical Adobe Flaw Fixed in Out-of-Band Security Update

Vulnerebility

Threatpost

25.3.20

Videolabs Patches Code Execution, DoS Vulnerabilities in libmicrodns Library

Vulnerebility

Securityweek

25.3.20

VMware Again Fails to Patch Privilege Escalation Vulnerability in Fusion

Vulnerebility

Securityweek

25.3.20

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

Vulnerebility

Thehackernews

24.3.20

Adobe addressed a critical vulnerability in Adobe Creative Cloud App that allows deleting files

Vulnerebility

Securityaffairs

24.3.20

Critical Flaw in Adobe Creative Cloud App Allows Hackers to Delete Files

Vulnerebility

Securityweek

24.3.20

Microsoft Warns of Critical Windows Zero-Day Flaws

Vulnerebility

Threatpost

24.3.20

Microsoft warns of targeted attacks exploiting Windows zero-day flaws

Vulnerebility

Securityaffairs

24.3.20

Hackers Target Two Unpatched Flaws in Windows Adobe Type Manager Library

Vulnerebility

Securityweek

24.3.20

Warning — Two Unpatched Critical 0-Day RCE Flaws Affect All Windows Versions

OS  Vulnerebility

Thehackernews

24.3.20

Windows users under attack via two new RCE zero-days

Vulnerebility

Net-security

23.3.20

Vulnerability Exposed Tesla Central Touchscreen to DoS Attacks

Attack  Vulnerebility

Securityweek

23.3.20

Flaw in Password Managers Allowed Apps to Steal Credentials

Vulnerebility

Securityweek

23.3.20

Botnet operators target multiple zero-day flaws in LILIN DVRs

BotNet  Exploit  Vulnerebility

Securityaffairs

23.3.20

Zero-Day Vulnerabilities in LILIN DVRs Exploited by Several Botnets

BotNet  Exploit  Vulnerebility

Securityweek

23.3.20

Google addresses high severity bugs in Chrome

Vulnerebility

Securityaffairs

22.3.20

Adobe Fixes Nine Critical Vulnerabilities in Reader, Acrobat

Vulnerebility

Bleepingcomputer

22.3.20

VMware Fixes High Severity Privilege Escalation Bug in Fusion

Vulnerebility

Bleepingcomputer

21.3.20

New Mirai Variant ‘Mukashi’ Targets Zyxel NAS Devices

BotNet  Vulnerebility

Threatpost

21.3.20

New Mirai Variant Delivered to Zyxel NAS Devices Via Recently Patched Flaw

BotNet  Vulnerebility

Securityweek

20.3.20

Drupal addresses two XSS flaws by updating the CKEditor

Vulnerebility

Securityaffairs

20.3.20

Cisco fixes root privilege, command injection vulnerabilities in Cisco SD-WAN solution

Vulnerebility

Net-security

20.3.20

Cisco Warns of High-Severity SD-WAN Flaws

Vulnerebility

Threatpost

20.3.20

Drupal Updates CKEditor to Patch XSS Vulnerabilities

Vulnerebility

Securityweek

20.3.20

Google Patches High-Risk Chrome Flaws, Halts Upcoming Releases

Vulnerebility

Securityweek

20.3.20

Patch for Recently Disclosed VMware Fusion Vulnerability Incomplete

Vulnerebility

Securityweek

19.3.20

Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaw

Vulnerebility

Threatpost

19.3.20

Azure Red Flag: Microsoft Accidentally Fixes Cloud Config ‘Bug’

Vulnerebility

Threatpost

19.3.20

Trend Micro Fixes Critical Flaws Under Attack

Attack  Vulnerebility

Threatpost

19.3.20

Cisco Patches Several Vulnerabilities in SD-WAN Solution

Vulnerebility

Securityweek

19.3.20

A week after Patch Tuesday, Adobe drops security fixes for six offerings

Vulnerebility

Net-security

18.3.20

VMware fixes high severity privilege escalation and DoS in its products

Vulnerebility

Securityaffairs

18.3.20

Adobe releases out-of-band patches for critical issues in Acrobat Reader, Photoshop, Bridge, ColdFusion

Vulnerebility

Securityaffairs

18.3.20

Adobe Patches Critical Flaws in Reader, ColdFusion, Other Products

Vulnerebility

Securityweek

18.3.20

VMware Fixes Privilege Escalation Vulnerability in Fusion for Mac

Vulnerebility

Securityweek

18.3.20

Adobe Releases Critical Patches for Acrobat Reader, Photoshop, Bridge, ColdFusion

Vulnerebility

Thehackernews

18.3.20

Trend Micro Patches Two Vulnerabilities Exploited in the Wild

Exploit  Vulnerebility

Securityweek

17.3.20

Users Complain About Windows Update That Patches SMBGhost Vulnerability

Vulnerebility

Securityweek

17.3.20

Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

Vulnerebility

Securityaffairs

17.3.20

Organizations Slow to Patch Targeted Microsoft Exchange Vulnerability

Vulnerebility

Securityweek

17.3.20

Slack Vulnerability Allowed Hackers to Hijack Accounts

Vulnerebility

Securityweek

17.3.20

WordPress and Apache Struts weaponized vulnerabilities on the rise

Vulnerebility

Net-security

16.3.20

ProtonMail, ProtonVPN Will Use Alternative Routing to Bypass Censorship

Vulnerebility

Securityweek

15.3.20

Slack Bug Allowed Automating Account Takeover Attacks

Vulnerebility

Bleepingcomputer

15.3.20

VMWare Releases Fix for Critical Guest-to-Host Vulnerability

Vulnerebility

Bleepingcomputer

15.3.20

48K Windows Hosts Vulnerable to SMBGhost CVE-2020-0796 RCE Attacks

Vulnerebility

Bleepingcomputer

15.3.20

Slack bugs allowed take over victims’ accounts

Vulnerebility

Securityaffairs

15.3.20

A bug in Tor Browser allows execution of JavaScript even in Safest security level

Vulnerebility

Securityaffairs

14.3.20

Firefox 74 Released: Security Fixes, Improvements, and Fixes

Vulnerebility

Bleepingcomputer

14.3.20

New LVI Intel CPU Data Theft Vulnerability Requires Hardware Fix

Vulnerebility

Bleepingcomputer

14.3.20

WordPress Plugin Bug in Popup Builder Threatens 100K Websites

Vulnerebility

Threatpost

14.3.20

VMware fixes a critical bug in Workstation, Fusion that allows code execution on host From guest

Vulnerebility

Securityaffairs

14.3.20

Flaws in Popup Builder Plugin Impacted Over 100,000 WordPress Sites

Vulnerebility

Securityweek

14.3.20

Critical Flaw in VMware Workstation, Fusion Allows Code Execution on Host From Guest

Vulnerebility

Securityweek

13.3.20

Flaws in the Popup Builder WordPress plugin expose 100K+ websites to hack

Vulnerebility

Securityaffairs

13.3.20

VMware Patches for Bugs in DHCP Service (Workstation, Fusion, Horizon, VMRC)

Vulnerebility

SANS

13.3.20

Number of open source vulnerabilities surged in 2019

Vulnerebility

Net-security

13.3.20

Microsoft fixes CVE-2020-0796, the SMBv3 wormable bug recently leaked

Vulnerebility

Securityaffairs

13.3.20

Out-of-Band Windows Updates Patch Wormable SMB Vulnerability

Vulnerebility

Securityweek

13.3.20

Several Vulnerabilities Expose Phoenix Contact Industrial 4G Routers to Attacks

Attack  Mobil  Vulnerebility

Securityweek

13.3.20

Critical Patch Released for 'Wormable' SMBv3 Vulnerability — Install It ASAP!

Vulnerebility

Thehackernews

13.3.20

The human element in security is still needed to combat application vulnerabilities

Vulnerebility

Net-security

13.3.20

Most computers easy to hack due to vulnerability in memory chips

Vulnerebility

Net-security

12.3.20

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Vulnerebility

Securityaffairs

12.3.20

Vulnerability Prompts Avast to Disable Emulator Used by Antivirus

Vulnerebility

Securityweek

12.3.20

Google Offering Higher Bonuses for Cloud Platform Vulnerabilities

Vulnerebility

Securityweek

12.3.20

Wormable, Unpatched Microsoft Bug Threatens Corporate LANs

Virus  Vulnerebility

Threatpost

12.3.20

Flaws Riddle Zyxel’s Network Management Software

Vulnerebility

Threatpost

12.3.20

Avast disables the JavaScript engine component due to a severe issue

Vulnerebility

Securityaffairs

12.3.20

Scientists expose another security flaw in Intel processors

Vulnerebility

Net-security

11.3.20

Bugs in Avast AntiTrack expose users to cyber attacks

Vulnerebility

Securityaffairs

11.3.20

Microsoft’s Patch Tuesday updates for March 2020 fix 115 issues

Vulnerebility

Securityaffairs

11.3.20

Microsoft accidentally reveals Wormable Win SMBv3 CVE-2020-0796 Flaw

Vulnerebility

Securityaffairs

11.3.20

Microsoft disrupted US-Based Infrastructure of the Necurs botnet

Vulnerebility

Securityaffairs

11.3.20

Critical Vulnerabilities in SAP Solution Manager Expose Companies to Attacks

Vulnerebility

Securityweek

11.3.20

Tens of Vulnerabilities Expose WAGO Controllers, HMI Panels to Attacks

Vulnerebility

Securityweek

11.3.20

Firefox 74 Patches Vulnerabilities, Disables TLS 1.0 and 1.1

Vulnerebility

Securityweek

11.3.20

Avast AntiTrack Flaw Allows MitM Attacks on HTTPS Traffic

Vulnerebility

Securityweek

11.3.20

Microsoft Working on Patches for Wormable SMB Vulnerability

Vulnerebility

Securityweek

11.3.20

Microsoft Patches 115 Vulnerabilities in Windows, Other Products

Vulnerebility

Securityweek

11.3.20

Warning — Unpatched Critical 'Wormable' Windows SMBv3 Flaw Disclosed

Vulnerebility

Thehackernews

11.3.20

Microsoft Issues March 2020 Updates to Patch 115 Security Flaws

Vulnerebility

Thehackernews

11.3.20

Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide

Vulnerebility

Thehackernews

11.3.20

LVI Attacks: New Intel CPU Vulnerability Puts Data Centers At Risk

Vulnerebility

Thehackernews

11.3.20

Critical SMBv3 Vulnerability: Remote Code Executio

Vulnerebility

SANS

11.3.20

Wormable Windows SMBv3 RCE flaw leaked, but not patched

Vulnerebility

Net-security

10.3.20

Microsoft Exchange Server Flaw Exploited in APT Attacks

Attack  Vulnerebility

Threatpost

10.3.20

PPP Daemon flaw opens Linux distros, networking devices to takeover attacks

Vulnerebility

Net-security

9.3.20

Nation-state actors are exploiting CVE-2020-0688 Microsoft Exchange server flaw

Vulnerebility

Securityaffairs

9.3.20

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Vulnerebility

Securityaffairs

8.3.20

Zoho Fixes No-Auth RCE Zero-Day in ManageEngine Desktop Central

Vulnerebility

Bleepingcomputer

8.3.20

YouTube Web Site Subscriptions are Broken, Videos Not Displayed [Fixed]

Vulnerebility

Bleepingcomputer

8.3.20

Zero-Day Bug Allowed Attackers to Register Malicious Domains

Vulnerebility  Virus

Bleepingcomputer

8.3.20

Let's Encrypt to Revoke 3 Million TLS Certificates Due to Bug

Vulnerebility

Bleepingcomputer

8.3.20

Microsoft Releases March 2020 Office Updates With Fixes, Improvements

Vulnerebility

Bleepingcomputer

7.3.20

Active Scans for Apache Tomcat Ghostcat Vulnerability Detected, Patch Now

Vulnerebility

Bleepingcomputer

7.3.20

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Vulnerebility

Securityaffairs

7.3.20

Critical Zoho Zero-Day Flaw Disclosed

Vulnerebility

Threatpost

7.3.20

This Unpatchable Flaw Affects All Intel CPUs Released in Last 5 Years

Vulnerebility

Thehackernews

6.3.20

Most of Linux distros affected by a critical RCE in PPP Daemon flaw

Vulnerebility

Securityaffairs

6.3.20

Let's Encrypt Will Not Replace 1 Million Bug-Affected Certificates

Vulnerebility

Securityweek

6.3.20

Zoho Working on Patch for Zero-Day Vulnerability in ManageEngine Product

Vulnerebility

Securityweek

6.3.20

High-Severity Cisco Webex Flaws Fixed

Vulnerebility

Threatpost

6.3.20

Chris Eng: Patch Management Challenges Drive ‘Security Debt’

Vulnerebility

Threatpost

6.3.20

Critical PPP Daemon Flaw Opens Most Linux Systems to Remote Hackers

Vulnerebility

Thehackernews

5.3.20

Cisco addresses high severity RCE flaws in Webex Player

Vulnerebility

Securityaffairs

5.3.20

Critical Netgear Bug Impacts Flagship Nighthawk Router

Vulnerebility

Threatpost

5.3.20

Vulnerability allows attackers to register malicious lookalikes of legitimate web domains

Vulnerebility  Virus

Net-security

4.3.20

A Zero-Day Homograph Domain Name Attack

Attack  Vulnerebility

Securityweek

4.3.20

Bug Forces Let's Encrypt to Revoke 3 Million Certificates

Vulnerebility

Securityweek

4.3.20

Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

Vulnerebility

Securityaffairs

4.3.20

Let's Encrypt Revoking 3 Million TLS Certificates Issued Incorrectly Due to a Bug

Vulnerebility

Thehackernews

3.3.20

Cisco offers free 90-day Webex Licenses due to coronavirus outbreak

Vulnerebility

Securityaffairs

3.3.20

A bug in the Walgreens mobile app leaked customers’ messages

Vulnerebility

Securityaffairs

3.3.20

Experts warn of mass scans for Apache Tomcat Ghostcat flaw

Vulnerebility

Securityaffairs

3.3.20

Patches Released for WordPress Plugin Vulnerabilities Exploited in Attacks

Vulnerebility

Securityweek

3.3.20

Gamer Alert: Serious Nvidia Flaw Plagues Graphics Driver

Vulnerebility

Threatpost

2.3.20

NVIDIA Patches DoS Flaws in GPU Driver and vGPU Software

Vulnerebility

Securityweek

2.3.20

You are focusing too much on vulnerabilities that pose little danger

Vulnerebility

Net-security

1.3.20

NVIDIA Fixes High Severity Flaw in Windows GPU Display Driver

Vulnerebility

Bleepingcomputer

1.3.20

Critical Bugs in WordPress Plugins Let Hackers Take Over Sites

Vulnerebility

Bleepingcomputer

1.3.20

Cisco Working on Patches for New Kr00k WiFi Vulnerability

Vulnerebility

Bleepingcomputer

1.3.20

Cisco Working on Patches for New Kr00k WiFi Vulnerability

Vulnerebility

Bleepingcomputer

1.3.20

Hackers Scanning for Vulnerable Microsoft Exchange Servers, Patch Now!

Vulnerebility

Bleepingcomputer

1.3.20

DoppelPaymer Hacked Bretagne Télécom Using the Citrix ADC Flaw

Vulnerebility

Bleepingcomputer

1.3.20

Kr00k Bug in Broadcom, Cypress WiFi Chips Leaks Sensitive Info

Vulnerebility

Bleepingcomputer

1.3.20

Multiple WordPress Plugin Vulnerabilities Actively Being Attacked

Vulnerebility

Bleepingcomputer

29.2.20

New Critical RCE Bug in OpenBSD SMTP Server Threatens Linux Distros

Vulnerebility

Bleepingcomputer

29.2.20

All versions of Apache Tomcat are affected by the Ghostcat flaw

Vulnerebility

Securityaffairs

29.2.20

Apache Tomcat Affected by Serious 'Ghostcat' Vulnerability

Vulnerebility

Securityweek

29.2.20

GhostCat: New High-Risk Vulnerability Affects Servers Running Apache Tomcat

Vulnerebility

Thehackernews

28.2.20

Cisco addresses vulnerabilities in FXOS, UCS Manager and NX-OS Software

Vulnerebility

Securityaffairs

28.2.20

Intel Patched Over 230 Vulnerabilities in Its Products in 2019

Vulnerebility

Securityweek

28.2.20

Cisco to Release Updates for Wireless Products Affected by Kr00k Vulnerability

Vulnerebility

Securityweek

27.2.20

Threat actors scan Internet for Vulnerable Microsoft Exchange Servers

Vulnerebility

Securityaffairs

27.2.20

Cisco Patches Flaws in FXOS, UCS Manager and NX-OS Software

Vulnerebility

Securityweek

27.2.20

Hackers Looking for Exchange Servers Affected by Recently Patched Flaw

Vulnerebility

Securityweek

27.2.20

Less Than Half of Vulnerabilities in Popular Docker Images Pose Risk: Study

Vulnerebility

Securityweek

27.2.20

CWE list now includes hardware security weaknesses

Vulnerebility

Net-security

27.2.20

Unpatched Security Flaws Open Connected Vacuum to Takeover

Vulnerebility

Threatpost

27.2.20

Kr00k Wi-Fi Encryption flaw affects more than a billion devices

Vulnerebility

Securityaffairs

27.2.20

Over 20 Zyxel Firewalls Impacted by Recent Zero-Day Vulnerability

Vulnerebility

Securityweek

27.2.20

New Wi-Fi Encryption Vulnerability Affects Over A Billion Devices

Vulnerebility

Thehackernews

27.2.20

Flaw affecting 1B+ Wi-Fi-enabled devices allows attackers to decrypt wireless network packets

Vulnerebility

Net-security

27.2.20

Attackers probing for vulnerable Microsoft Exchange Servers, is yours one of them?

Vulnerebility

Net-security

26.2.20

Kr00k Vulnerability Exposed Data From Over a Billion Wi-Fi Devices

Vulnerebility

Securityweek

26.2.20

New LTE Network Flaw Could Let Attackers Impersonate 4G Mobile Users

Mobil  Vulnerebility

Thehackernews

26.2.20

OpenSMTPD Vulnerability Leads to Command Injection

Vulnerebility

Securityweek

26.2.20

Zyxel addresses Zero-Day vulnerability in NAS devices

Vulnerebility

Securityaffairs

26.2.20

Over 100 Vulnerabilities Patched in MyBB in Past 5 Years

Vulnerebility

Securityweek

25.2.20

State-Sponsored Cyberspies Use Sophisticated Server Firewall Bypass Technique

Vulnerebility

Securityweek

25.2.20

Zyxel Patches Zero-Day Vulnerability in Network Storage Products

Vulnerebility

Securityweek

25.2.20

Google Patches Chrome Vulnerability Exploited in the Wild

Vulnerebility

Securityweek

25.2.20

New OpenSMTPD RCE Flaw Affects Linux and OpenBSD Email Servers

Vulnerebility

Thehackernews

25.2.20

A new RCE in OpenSMTPD’s default install, patch available

Vulnerebility

Net-security

25.2.20

Vulnerabilities in Moxa Networking Device Expose Industrial Environments to Attacks

Vulnerebility

Securityweek

25.2.20

Vulnerabilities Allow Hackers to Access Honeywell Fire Alarm Systems

Vulnerebility

Securityweek

23.2.20

Zero-Day in WordPress Plugin Exploited to Create Admin Accounts

Exploit  Vulnerebility

Bleepingcomputer

22.2.20

Firefox 73.0.1 Released With Fixes for Linux, Windows Crashes

Vulnerebility

Bleepingcomputer

22.2.20

Unsafe WordPress Plugin Installed on Nearly 200,000 Sites

Vulnerebility

Bleepingcomputer

22.2.20

VMware addresses serious flaws in vRealize Operations for Horizon Adapter

Vulnerebility

Securityaffairs

21.2.20

VMware Patches Serious Flaws in vRealize Operations for Horizon Adapter

Vulnerebility

Securityweek

21.2.20

Critical Cisco Bug Opens Software Licencing Manager to Remote Attack

Attack  Vulnerebility

Threatpost

21.2.20

Critical Adobe Flaws Fixed in Out-of-Band Update

Vulnerebility

Threatpost

21.2.20

Adobe released out-of-band updates for After Effects and Media Encoder apps

Vulnerebility

Securityaffairs

21.2.20

Cisco fixes a static default credential issue in Smart Software Manager tool

Vulnerebility

Securityaffairs

21.2.20

High-risk vulnerabilities and public cloud-based attacks on the rise

Vulnerebility

Net-security

20.2.20

BlueKeep Flaw Plagues Outdated Connected Medical Devices

Vulnerebility

Threatpost

20.2.20

Hackers are actively exploiting a Zero-Day in WordPress ThemeREX Plugin to create Admin AccountsVulnerebilitySecurityaffairs

20.2.20

Vulnerable Out of Band Consoles Put Industrial Assets at RiskVulnerebilitySecurityweek
19.2.20WordPress Websites Hacked via Vulnerabilities in Two Themes PluginsVulnerebilitySecurityweek
19.2.20Lenovo, HP, Dell Peripherals Face Unpatched Firmware BugsVulnerebility

Threatpost

19.2.20Over 22,000 Vulnerabilities Disclosed in 2019: ReportVulnerebilitySecurityweek
19.2.20

A third of all vulnerabilities in 2019 had a CVSS v2 score of 7.0 and above

Vulnerebility

Net-security
18.2.20

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Hacking  Vulnerebility

Securityaffairs
18.2.20

F-Secure Patches Old AV Bypass Vulnerability

Vulnerebility

Securityweek
18.2.20

Serious Vulnerabilities Expose SonicWall SMA Appliances to Remote Attacks

Vulnerebility

Securityweek
18.2.20

Peripherals With Unsigned Firmware Expose Windows, Linux Computers to Attacks

Attack  Vulnerebility

Securityweek
18.2.20CVE-2019-0604 SharePoint Remote code execution (RCE) vulnerabilityVulnerebilitySecurityaffairs
18.2.20Flaw in WordPress ThemeGrill Demo Importer WordPress theme plugin expose 200K+ sites to hackVulnerebilitySecurityaffairs
18.2.20Critical Bug in WordPress Theme Plugin Opens 200,000 Sites to HackersVulnerebilityThehackernews
17.2.20Flaw in WordPress Themes Plugin Allowed Hackers to Become Site AdminVulnerebilitySecurityweek
17.2.20Microsoft Pulls UEFI-Related Windows Update After Users Report ProblemsVulnerebilitySecurityweek
17.2.20A Dozen Vulnerabilities Affect Millions of Bluetooth LE Powered DevicesVulnerebilityThehackernews
16.2.20SweynTooth Bug Collection Affects Hundreds of Bluetooth ProductsVulnerebility

Bleepingcomputer

16.2.20WordPress Cookie Consent Plugin Fixes Critical Flaw for 700K UsersVulnerebility

Bleepingcomputer

16.2.20

Microsoft Releases February 2020 Office Updates With Security FixesVulnerebility

Bleepingcomputer

16.2.20Microsoft Patches Actively Exploited Internet Explorer Zero-DayVulnerebility

Bleepingcomputer

16.2.20

Microsoft's February 2020 Patch Tuesday Fixes 99 Flaws, IE 0dayVulnerebility

Bleepingcomputer

16.2.20Windows 10 Cumulative Updates KB4532693 & KB4532691 ReleasedVulnerebility

Bleepingcomputer

16.2.20Adobe Releases the February 2020 Security UpdatesVulnerebility

Bleepingcomputer

16.2.20SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendorsVulnerebilitySecurityaffairs
15.2.20Firefox 73 Released With Security Fixes, New DoH Provider, MoreVulnerebility

Bleepingcomputer

15.2.20SoundCloud Fixed API Flaws That Could Lead to Account TakeoverVulnerebility

Bleepingcomputer

15.2.20

Dell SupportAssist Bug Exposes Business, Home PCs to AttacksVulnerebility

Bleepingcomputer

15.2.20

SweynTooth: Bluetooth Vulnerabilities Expose Many Devices to Attacks

Attack  Vulnerebility

Securityweek

14.2.20

MIT Researchers Find Vulnerabilities in Voatz Voting AppVulnerebilitySecurityweek
14.2.20Critical WordPress Plugin Bug Afflicts 700K SitesVulnerebility

Threatpost

14.2.20Profinet Vulnerability Exposes Siemens, Moxa Devices to DoS AttacksAttack  VulnerebilitySecurityweek

13.2.20

600+ installs of WordPress Cookie Consent Plugin vulnerable to hack. Fix it now!VulnerebilitySecurityaffairs

13.2.20

Mozilla Firefox 73 Browser Update Fixes High-Severity RCE Bugs

Vulnerebility

Threatpost

13.2.20

Intel Patches High-Severity Flaw in Security Engine

Vulnerebility

Threatpost

13.2.20

Adobe Addresses Critical Flash, Framemaker Flaws

Vulnerebility

Threatpost

13.2.20

Dell Patches SupportAssist Flaw That Allows Arbitrary Code Execution

Vulnerebility

Threatpost

13.2.20

SAP Releases 13 Security Notes on February 2020 Patch DayVulnerebilitySecurityweek

13.2.20

March Patch Tuesday is Coming - the LDAP Changes will Change Your Life!

Vulnerebility

SANS

12.2.20

Microsoft Patch Tuesday updates for February 2020 fix IE 0day flawVulnerebilitySecurityaffairs
12.2.20Adobe addresses 42 flaws in its five productsVulnerebilitySecurityaffairs

12.2.20

Microsoft Patches IE Zero-Day, 98 Other VulnerabilitiesVulnerebilitySecurityweek

12.2.20

Adobe Patches 42 Vulnerabilities Across Five ProductsVulnerebilitySecurityweek

12.2.20

Update Microsoft Windows Systems to Patch 99 New Security FlawsVulnerebilityThehackernews

12.2.20

Adobe Releases Patches for Dozens of Critical Flaws in 5 SoftwareVulnerebilityThehackernews

12.2.20

February 2020 Patch Tuesday: Microsoft fixes 99 vulnerabilities, Adobe 42

Vulnerebility

Net-security
11.2.20Dell SupportAssist flaw exposes computers to hack, patch it asap!VulnerebilitySecurityaffairs
11.2.20Flaws in Accusoft ImageGear Expose Users to Remote AttacksVulnerebilitySecurityweek
11.2.20Another Flaw in Dell SupportAssist Allows Code Execution With Elevated PrivilegesVulnerebilitySecurityweek
9.2.20Bug in Philips Smart Light Allows Hopping to Devices on the NetworkVulnerebility

Bleepingcomputer

9.2.20Cisco Patches Critical CDP Flaws Affecting Millions of DevicesVulnerebility

Bleepingcomputer

9.2.20Realtek Fixes DLL Hijacking Flaw in HD Audio Driver for WindowsHacking  Vulnerebility

Bleepingcomputer

9.2.20Chrome 80 Released With 56 Security Fixes, Cookie Changes, MoreVulnerebility

Bleepingcomputer

9.2.20WhatsApp Bug Allowed Attackers to Access the Local File SystemSocial  Vulnerebility

Bleepingcomputer

9.2.20Google Bug Sent Private Google Photos Videos to Other UsersVulnerebility

Bleepingcomputer

8.2.20Critical Citrix RCE Flaw Still Threatens 1,000s of Corporate LANsVulnerebility

Threatpost

8.2.20Organizations Quick to Patch Critical Citrix ADC VulnerabilityVulnerebilitySecurityweek
7.2.20Critical Bluetooth Vulnerability Exposes Android Devices to AttacksAttack  VulnerebilitySecurityweek
7.2.20

February 2020 Patch Tuesday forecast: A lot of love coming our way

Vulnerebility

Net-security

6.2.20

cdpwn – Millions of devices at risk due to flaws in implementations of Cisco Discovery Protocol (CDP)VulnerebilitySecurityaffairs

6.2.20

DLL Hijacking Vulnerability Found in Realtek HD Audio DriverHacking  VulnerebilitySecurityweek

6.2.20

Critical Cisco ‘CDPwn’ Flaws Break Network Segmentation

Vulnerebility

Threatpost

6.2.20

Critical Cisco ‘CDPwn’ Protocol Flaws Explained: Podcast

Vulnerebility

Threatpost

6.2.20

Chrome 80 Released With 56 Security Fixes

Security  Vulnerebility

Securityweek

6.2.20

5 High Impact Flaws Affect Cisco Routers, Switches, IP Phones and Cameras

Vulnerebility

Thehackernews

6.2.20

CDPwn vulnerabilities open millions of Cisco enterprise devices to attack

Vulnerebility

Net-security

5.2.20Cisco Discovery Protocol Flaws Expose Tens of Millions of Devices to AttacksVulnerebilitySecurityweek
5.2.20Vulnerability in WhatsApp Desktop Exposed User FilesSocial  VulnerebilitySecurityweek
5.2.20Sudo Vulnerability Allows Privilege Escalation to RootVulnerebilitySecurityweek
5.2.20Flaw in Philips Smart Light Bulbs Exposes Your WiFi Network to HackersVulnerebilityThehackernews
5.2.20

Touch panels deployed in critical infrastructure vulnerable to remote attacks

Attack  Vulnerebility

Net-security
5.2.20Medtronic Patches Implanted Device, CareLink Programmer BugsVulnerebilityThreatpost
4.2.20Vulnerabilities in Mini-SNMPD Lead to DoS, Information DisclosureAttack  VulnerebilitySecurityweek
4.2.20

Sudo CVE-2019-18634 flaw allows Non-Privileged Linux and macOS Users run commands as Root

Vulnerebility

Securityaffairs
4.2.20

Vulnerability in Linear eMerge Access Controllers Exploited in the Wild

Vulnerebility

Securityweek
4.2.20

Medtronic Releases Patches for Cardiac Device Flaws Disclosed in 2018, 2019

Vulnerebility

Securityweek
3.2.20Microsoft announces the launch of a bug bounty program for XboxVulnerebilitySecurityaffairs
3.2.20Trend Micro Patches More Vulnerabilities in Anti-Threat ToolkitVulnerebilitySecurityweek
3.2.20Sudo Bug Lets Non-Privileged Linux and macOS Users Run Commands as RootVulnerebilityThehackernews
2.2.20200K WordPress Sites Exposed to Takeover Attacks by Plugin BugVulnerebility

Bleepingcomputer

2.2.20Critical Remote Code Execution Bug Fixed in OpenBSD SMTP ServerVulnerebility

Bleepingcomputer

2.2.20Magento 2.3.4 Fixes Critical Code Execution VulnerabilitiesVulnerebility

Bleepingcomputer

1.2.20

Windows 7 To Get Post End of Life Update to Fix Wallpaper BugVulnerebility

Bleepingcomputer

1.2.20

Microsoft's IE Zero-day Fix is Breaking Windows PrintingVulnerebilityBleepingcomputer

31.1.20

Researcher Finds Over 60 Vulnerabilities in Physical Security SystemsVulnerebilitySecurityweek

31.1.20

200K WordPress Sites Vulnerable to Plugin Flaw

Vulnerebility

Threatpost

31.1.20

Cisco Patches Two High-Severity Bugs in its Small Business Switch Lineup

Vulnerebility

Threatpost

31.1.20

U.N. Hack Stemmed From Microsoft SharePoint Flaw

BigBrothers  Vulnerebility

Threatpost

31.1.20

Check Point detailed two flaws in Microsoft Azure that could have allowed taking over cloud serversVulnerebilitySecurityaffairs

31.1.20

Hackers Can Earn $20,000 for Xbox VulnerabilitiesVulnerebilitySecurityweek

30.1.20

Cisco Small Business Switches affected by DoS and information disclosure flawsVulnerebility

Securityaffairs

30.1.20

Over 200K WordPress sites potentially exposed to hack due to Code Snippets flawVulnerebility

Securityaffairs

30.1.20

Flaw in 'Code Snippets' Plugin Exposed Many WordPress Sites to AttacksVulnerebilitySecurityweek

30.1.20

Cisco Patches DoS, Information Disclosure Flaws in Small Business SwitchesVulnerebilitySecurityweek

30.1.20

Dell, HP Memory-Access Bugs Open Attacker Path to Kernel Privileges

Vulnerebility

Threatpost

30.1.20

Critical Flaws in Magento e-Commerce Platform Allow Code-Execution

Vulnerebility

Threatpost

30.1.20

Serious Vulnerability Discovered in OpenSMTPD

Vulnerebility

Securityweek

30.1.20

Magento 2.3.4 Patches Critical Code Execution Vulnerabilities

Vulnerebility

Securityweek

30.1.20

CVE-2020-7247 RCE flaw in OpenSMTPD library affects many BSD and Linux distrosVulnerebility

Securityaffairs

30.1.20

Microsoft Azure Flaws Could Have Let Hackers Take Over Cloud ServersHacking  VulnerebilityThehackernews

30.1.20

Critical OpenSMTPD Bug Opens Linux and OpenBSD Mail Servers to HackersVulnerebilityThehackernews

30.1.20

UN hacked: Attackers got in via SharePoint vulnerability

BigBrothers  Vulnerebility

Net-security

30.1.20

Magento patches critical code execution vulnerabilities, upgrade ASAP!

Vulnerebility

Net-security

29.1.20

Critical RCE flaw in OpenSMTPD, patch available

Vulnerebility

Net-security

29.1.20

Zoom Fixes Flaw Opening Meetings to HackersVulnerebilityThreatpost

29.1.20

Magento 2.3.4 addresses three critical Code execution flawsVulnerebility

Securityaffairs

29.1.20A vulnerability in Zoom platform allowed miscreants to join Zoom meetingsVulnerebility

Securityaffairs

29.1.20Vulnerability Allowed Attackers to Join Zoom MeetingsVulnerebilitySecurityweek
28.1.20CacheOut/L1DES: New Speculative Execution Attack Affecting Intel CPUsAttack  VulnerebilitySecurityweek
28.1.20Zoom Bug Could Have Let Uninvited People Join Private MeetingsVulnerebilityThehackernews
28.1.20PoC Exploits Created for Recently Patched 'BlueGate' Windows Server FlawsExploit  VulnerebilitySecurityweek

26.1.20

Patching the Citrix ADC Bug Doesn't Mean You Weren't HackedVulnerebility

Bleepingcomputer

26.1.20Critical MDhex Vulnerabilities Shake the Healthcare SectorVulnerebilityBleepingcomputer

26.1.20

Cisco Webex flaw allows unauthenticated remote attackers to join private meetings

Vulnerebility

Securityaffairs

26.1.20Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hackExploit  Hacking  VulnerebilitySecurityaffairs
26.1.20Cisco Webex Vulnerability Exploited to Join Meetings Without a PasswordVulnerebilitySecurityweek
25.1.20Citrix Patches CVE-2019-19781 Flaw in Citrix ADC 11.1 and 12.0Vulnerebility

Bleepingcomputer

25.1.20Expert released DOS Exploit PoC for Critical Windows RDP Gateway flawsExploit  VulnerebilitySecurityaffairs
25.1.20Citrix Releases More Patches for Exploited Flaw, Tool to Detect CompromiseVulnerebilitySecurityweek
25.1.20

Cisco Webex Flaw Lets Unauthenticated Users Join Private Online Meetings

Vulnerebility

Threatpost

24.1.20

MDhex vulnerabilities open GE Healthcare patient monitoring devices to attackers

Vulnerebility

Net-security

24.1.20Cisco fixes critical issue in Cisco Firepower Management CenterVulnerebilitySecurityaffairs
24.1.20

Cisco Warns of Critical Network Security Tool Flaw

Vulnerebility

Threatpost

24.1.20

Critical, Unpatched ‘MDhex’ Bugs Threaten Hospital Devices

Vulnerebility

Threatpost

24.1.20Cisco Patches Critical Vulnerability in Network Security ToolVulnerebilitySecurityweek
24.1.20Vulnerabilities Found in GE Healthcare Patient Monitoring ProductsVulnerebilitySecurityweek
23.1.20

IoC Scanner shows if Citrix appliances have been compromised via CVE-2019-19781

Vulnerebility

Net-security

23.1.20

It’s time to patch your Cisco security solutions again

Vulnerebility

Net-security

23.1.20Serious Vulnerabilities Expose Honeywell Surveillance Systems to AttacksVulnerebilitySecurityweek
23.1.20Multiple Vulnerabilities Found in AMD ATI Radeon Graphics CardsVulnerebilitySecurityweek
22.1.20Unofficial Patch Released for Recently Disclosed Internet Explorer Zero-DayVulnerebilitySecurityweek
22.1.20

Honeywell Maxpro VMS/NVR systems vulnerable to hijacking

Vulnerebility

Net-security
22.1.20Citrix Accelerates Patch Rollout For Critical RCE FlawVulnerebility

Threatpost

21.1.20

Micropatch simulates workaround for recent zero-day IE flaw, removes negative side effects

Vulnerebility

Net-security

21.1.20

First patches for the Citrix ADC, Gateway RCE flaw released

Vulnerebility

Net-security

20.1.20Citrix Releases First Patches for Critical ADC VulnerabilityVulnerebilitySecurityweek
20.1.20Citrix Releases Patches for Critical ADC Vulnerability Under Active AttackVulnerebilityThehackernews
20.1.20Citrix releases permanent fixes for CVE-2019-19781 flaw in ADC 11.1 and 12.0VulnerebilitySecurityaffairs
20.1.20WP Database Reset WordPress plugin flaws allow website takeoverVulnerebilitySecurityaffairs
19.1.20How Malware Gains Trust by Abusing the Windows CryptoAPI FlawVulnerebility  Virus

Bleepingcomputer

19.1.20

Hackers Are Securing Citrix Servers, Backdoor Them for AccessHacking  Vulnerebility

Bleepingcomputer

19.1.20Dutch Govt Suggests Turning Off Citrix ADC Devices, Mitigations May FailBigBrothers  Vulnerebility

Bleepingcomputer

19.1.20Intel Patches High Severity Flaw in VTune Performance ProfilerVulnerebility

Bleepingcomputer

19.1.20

Windows 7 Gets Final Monthly Rollup Update Before End Of LifeVulnerebility

Bleepingcomputer

19.1.20Microsoft's January 2020 Patch Tuesday Fixes 49 VulnerabilitiesVulnerebility

Bleepingcomputer

19.1.20Windows 10 Cumulative Updates KB4528760 & KB4534273 ReleasedVulnerebility

Bleepingcomputer

19.1.20Microsoft Fixes Windows CryptoAPI Spoofing Flaw Reported by NSAVulnerebility

Bleepingcomputer

19.1.20Critical WordPress Plugin Bug Allows Admin Logins Without PasswordVulnerebility

Bleepingcomputer

19.1.20Adobe Releases Their January 2020 Security UpdatesVulnerebility

Bleepingcomputer

19.1.20CISA Releases Test Tool for Citrix ADC CVE-2019-19781 VulnerabilityVulnerebility

Bleepingcomputer

18.1.20

Microsoft Warns of Unpatched IE Browser Zero-Day That's Under Active AttacksVulnerebilityThehackernews

18.1.20

Attacker Installs Backdoor, Blocks Others From Exploiting Citrix ADC VulnerabilityExploit  VulnerebilitySecurityweek
17.1.20Critical Cisco Flaws Now Have PoC ExploitExploit  Vulnerebility

Threatpost

17.1.20Expert released PoC exploits for recently disclosed Cisco DCNM flawsExploit  VulnerebilitySecurityaffairs
17.1.20PoC Exploits Released for Cisco DCNM VulnerabilitiesExploit  VulnerebilitySecurityweek
17.1.20

Summing up CVE-2020-0601, or the Let?s Decrypt vulnerability

Vulnerebility

SANS

16.1.20Critical WordPress Bug Leaves 320,000 Sites Open to AttackVulnerebility

Threatpost

16.1.20

Critical auth bypass issues affect InfiniteWP Client and WP Time Capsule WordPress pluginsVulnerebilitySecurityaffairs
16.1.20VMware addresses flaws in VMware Tools and Workspace ONE SDKVulnerebilitySecurityaffairs
15.1.20Microsoft addresses CVE-2020-0601 flaw, the first issue ever reported by NSAVulnerebilitySecurityaffairs

15.1.20

Vulnerabilities Found in VMware Tools, Workspace ONE SDKVulnerebilitySecurityweek

15.1.20

Oracle's January 2020 CPU Delivers 334 New PatchesVulnerebilitySecurityweek
15.1.20Adobe Patches Five Critical Illustrator CC FlawsVulnerebility

Threatpost

15.1.20

Microsoft Patches Major Crypto Spoofing BugVulnerebility

Threatpost

15.1.20

Oracle Ties Previous All-Time Patch High with January UpdatesVulnerebility

Threatpost

15.1.20

Intel Fixes High-Severity Flaw in Performance Analysis ToolVulnerebility

Threatpost

15.1.20January 2020 Adobe Patch Tuesday updates fix issues in Illustrator, Experience ManagerVulnerebilitySecurityaffairs

15.1.20

SAP Releases 6 Security Notes on January 2020 Patch DayVulnerebilitySecurityweek

15.1.20

NSA Discloses Serious Windows Vulnerability to MicrosoftBigBrothers  VulnerebilitySecurityweek

15.1.20

Microsoft Patch Tuesday for January 2020

Vulnerebility

SANS

15.1.20

January 2020 Patch Tuesday: Microsoft nukes Windows crypto flaw flagged by the NSA

Vulnerebility

Net-security

14.1.20

Google Researchers Detail Critical iMessage VulnerabilityVulnerebilitySecurityweek
14.1.20Adobe Patches Vulnerabilities in Illustrator, Experience ManagerVulnerebilitySecurityweek

14.1.20

Hundreds of Millions of PCs Remain Vulnerable as Windows 7 Reaches End of LifeVulnerebilitySecurityweek

14.1.20

Update Windows 10 Immediately to Patch a Flaw Discovered by the NSAVulnerebilityThehackernews

14.1.20

Adobe Releases First 2020 Patch Tuesday Software UpdatesVulnerebilityThehackernews

14.1.20

Cisco addressed a high-severity bug in Webex that could allow Remote Code ExecutionVulnerebilitySecurityaffairs

14.1.20

Unpatched Citrix Flaw Now Has PoC ExploitsVulnerebility

Threatpost

14.1.20‘Cable Haunt’ Bug Plagues Millions of Home ModemsVulnerebility

Threatpost

12.1.20Mozilla Firefox 72.0.1 Patches Actively Exploited Zero-DayExploit  Vulnerebility

Bleepingcomputer

12.1.20Attackers Are Scanning for Vulnerable Citrix Servers, Secure NowVulnerebility

Bleepingcomputer

12.1.20TikTok Flaws Allowed Hackers to Delete Videos, Steal User InfoVulnerebility

Bleepingcomputer

12.1.20Microsoft Releases January 2020 Office Updates With Crash FixesOS  Vulnerebility

Bleepingcomputer

11.1.20PoC Exploits Released for Citrix ADC and Gateway RCE VulnerabilityExploit  VulnerebilityThehackernews

11.1.20

Pulse Secure VPN Vulnerability Still Widely Exploited, CISA WarnsVulnerebilitySecurityweek

11.1.20

Remote Code Execution Flaw Impacts E2fsprogs Filesystem UtilityVulnerebilitySecurityweek

11.1.20

Cable Haunt: Millions of Cable Modems With Broadcom Chips Vulnerable to AttacksAttack  VulnerebilitySecurityweek

11.1.20

CISA warns that Pulse Secure VPN issue CVE-2019-11510 is still exploitedExploit  VulnerebilitySecurityaffairs

11.1.20

Cisco Webex Bug Allows Remote Code Execution

Vulnerebility

Threatpost

10.1.20

Experts warn of ongoing scans for Citrix servers affected by CVE-2019-19781VulnerebilitySecurityaffairs
10.1.20Hackers Scan for Vulnerable Citrix ADC SystemsVulnerebilitySecurityweek
10.1.20PayPal Patches Vulnerability That Exposed User PasswordsVulnerebilitySecurityweek

10.1.20

January 2020 Patch Tuesday forecast: Let’s start the new decade right

Vulnerebility

Net-security

9.1.20Critical Firefox 0-Day Under Active Attacks – Update Your Browser Now!VulnerebilityThehackernews

9.1.20

Attackers exploiting critical Citrix ADC, Gateway flaw, company yet to release fixes

Vulnerebility

Net-security

9.1.20

Mozilla patches actively exploited Firefox zero-day

Exploit  Vulnerebility

Net-security

9.1.20

Google Ditches Patch-Time Bug Disclosure in Favor of 90-Day Policy

Vulnerebility

Threatpost

9.1.20

TikTok Riddled With Security Flaws

Vulnerebility

Threatpost

9.1.20

Mozilla Releases Firefox 72: High-Severity Bugs Patched, Fingerpinting Nixed

Vulnerebility

Threatpost

9.1.20Mozilla addresses CVE-2019-17026 Firefox Zero-Day exploited in targeted attacksExploit  VulnerebilitySecurityaffairs

9.1.20

Mozilla Patches Firefox Zero-Day Exploited in Targeted AttacksExploit  VulnerebilitySecurityweek

9.1.20

Google Project Zero Updates Vulnerability Disclosure PolicyVulnerebilitySecurityweek

8.1.20

Security flaws allowed hijacking any TikTok account

Vulnerebility

Securityaffairs

7.1.20

A Quick Update on Scanning for CVE-2019-19781 (Citrix ADC / Gateway Vulnerability)

Vulnerebility

SANS
7.1.20Antivirus Vendors Patch Bug First Discovered 10 Years AgoVulnerebilitySecurityweek
7.1.20Pulse Secure VPN Vulnerability Exploited to Deliver RansomwareExploit  Ransomware  VulnerebilitySecurityweek
4.1.20Cisco Talos discovered 2 critical flaws in the popular OpenCV libraryVulnerebilitySecurityaffairs
4.1.20Serious Vulnerabilities Patched in OpenCV Computer Vision LibraryVulnerebilitySecurityweek
4.1.20

3 Critical Bugs Allow Remote Attacks on Cisco NX-OS and Switches

Vulnerebility

Threatpost

3.1.20Cisco addresses several flaws in its DCNM productVulnerebilitySecurityaffairs
3.1.20Remote Command Execution and Information disclosure flaws affect dozens of D-Link routersVulnerebilitySecurityaffairs
3.1.20Cisco DCNM Users Warned of Serious VulnerabilitiesVulnerebilitySecurityweek
3.1.20Critical Vulnerabilities Impact Ruckus Wi-Fi RoutersVulnerebilitySecurityweek
3.1.20Remote Command Execution Vulnerability Affects Many D-Link RoutersVulnerebilitySecurityweek

2.1.20

High Risk Vulnerabilities Addressed in Big Monitoring FabricVulnerebilitySecurityweek

2.1.20

Citrix Vulnerability Leaves 80,000 Companies at RiskVulnerebilitySecurityweek