remote code execution – Page 9

Two Chrome Browser Updates Plugs Holes Actively Targeted by Exploits

Posted on November 3, 2020 by Elizabeth Montalbano

Patches for both the Chrome desktop and Android browser address high-severity flaws with known exploits available in the wild. Continue reading Two Chrome Browser Updates Plugs Holes Actively Targeted by Exploits→

Oracle Rushes Emergency Fix for Critical WebLogic Server Flaw

Posted on November 3, 2020 by Lindsey O'Donnell

The remote code-execution flaw (CVE-2020-14750) is low-complexity and requires no user interaction to exploit. Continue reading Oracle Rushes Emergency Fix for Critical WebLogic Server Flaw→

WordPress Patches 3-Year-Old High-Severity RCE Bug

Posted on October 30, 2020 by Tom Spring

In all, WordPress patched 10 security bugs as part of the release of version 5.5.2 of its web publishing software. Continue reading WordPress Patches 3-Year-Old High-Severity RCE Bug→

WordPress Patches 3-Year-Old High-Severity RCE Bug

Posted on October 30, 2020 by Tom Spring

In all, WordPress patched 10 security bugs as part of the release of version 5.5.2 of its web publishing software. Continue reading WordPress Patches 3-Year-Old High-Severity RCE Bug→

Oracle WebLogic Server RCE Flaw Under Active Attack

Posted on October 29, 2020 by Lindsey O'Donnell

The flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn. Continue reading Oracle WebLogic Server RCE Flaw Under Active Attack→

LinkedIn, Instagram Vulnerable to Preview-Link RCE Security Woes

Posted on October 27, 2020 by Tara Seals

Popular chat apps, including LINE, Slack, Twitter DMs and others, can also leak location data and share private info with third-party servers. Continue reading LinkedIn, Instagram Vulnerable to Preview-Link RCE Security Woes→

Oracle Kills 402 Bugs in Massive October Patch Update

Posted on October 21, 2020 by Lindsey O'Donnell

Over half of Oracle’s flaws in its quarterly patch update can be remotely exploitable without authentication; 65 are critical, and two have CVSS scores of 10 out of 10. Continue reading Oracle Kills 402 Bugs in Massive October Patch Update→

Microsoft Fixes RCE Flaws in Out-of-Band Windows Update

Posted on October 16, 2020 by Lindsey O'Donnell

The two important-severity flaws in Microsoft Windows Codecs Library and Visual Studio Code could enable remote code execution. Continue reading Microsoft Fixes RCE Flaws in Out-of-Band Windows Update→

Community detection: CVE-2020-16898

Posted on October 15, 2020 by Ben Reardon

By Ben Reardon, Corelight Security Researcher This month’s Microsoft Patch Tuesday included a severe Remote Code Execution vulnerability in the way that Windows TCP/IP handles IPv6 “Router Advertisement” ICMP messages. Due to the severity and wide scop… Continue reading Community detection: CVE-2020-16898→

Critical SonicWall VPN Portal Bug Allows DoS, Worming RCE

Posted on October 14, 2020 by Tara Seals

The CVE-2020-5135 stack-based buffer overflow security vulnerability is trivial to exploit, without logging in. Continue reading Critical SonicWall VPN Portal Bug Allows DoS, Worming RCE→