Collaborate Disseminate
NVIDIA said a high-severity information-disclosure bug impacting its DGX A100 server line wouldn’t be patched until early 2021. Continue reading NVIDIA Patches Critical Bug in High-Performance Servers
The CVE-2020-5135 stack-based buffer overflow security vulnerability is trivial to exploit, without logging in. Continue reading Critical SonicWall VPN Portal Bug Allows DoS, Worming RCE
A Samba patch and a micropatch for end-of-life servers have debuted in the face of the critical vulnerability. Continue reading Zerologon Patches Roll Out Beyond Microsoft
Less than 500 machines have been patched since U.S. Cyber Command issued an alert to patch a critical bug that’s under active exploit. Continue reading Thousands of Vulnerable F5 BIG-IP Users Still Open to Takeover
Thousands of vulnerable websites need to apply the patch to avoid RCE. Continue reading Advertising Plugin for WordPress Threatens Full Site Takeovers
The release of a PoC for the Windows flaw known as “SMBGhost” could set off cyberattack waves, CISA warned. Continue reading SMBGhost RCE Exploit Threatens Corporate Networks
Emails purporting to be a Cisco “critical security advisory” are actually part of a phishing campaign trying to steal victims’ Webex credentials. Continue reading Cisco ‘Critical Update’ Phishing Attack Steals Webex Credentials
A second vulnerability could be used to prevent access to almost all of a site’s existing content, by simply redirecting visitors. Continue reading Critical WordPress Plugin Bug Can Lock Admins Out of Websites
Adobe’s monthly patch load is low for November, with only three critical bugs and eight important ones fixed. Continue reading Adobe Patches Critical Bugs in Illustrator, Media Encoder
Multiple critical memory safety bugs in Firefox 69 and Firefox ESR 68.1 in particular affect medium and large government entities and enterprises. Continue reading Firefox, Chrome Bugs Allow Arbitrary Code-Execution