48 matches found
EulerOS 2.0 SP12 : elfutils (EulerOS-SA-2025-1411)
According to the versions of the elfutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function...
CGA-XQ9Q-6R9H-VJ3Q
Bulletin has no description...
Vulnerability fixed in Veeam Backup & Replication
Veeam has fixed a vulnerability in Veeam Backup & Replication. The vulnerability is located in the authorization mechanism of the Backup & Replication software and allows a domain user to execute arbitrary code on the system where Backup & Replication is implemented. Veeam has released critical...
SUSE-SU-2025:0732-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: - CVE-2025-26594: Use-after-free of the root cursor bsc1237427. - CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. - CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. - CVE-2025-26597: Buffer overflow in...
PT-2025-4230 · Microsoft · Azure Ai Face Service
Name of the Vulnerable Software and Affected Versions: Azure AI Face Service affected versions not specified Description: An authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network. This issue has been exploited in real-world...
OracleVM 3.4 : kernel-uek (OVMSA-2024-0016)
The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.92.3- memcgwriteeventcontrol: fix a user-triggerable oops Al Viro Orabug: 37070674 CVE-2024-45021- ocfs2: fix races between hole punching and AIO+DIO Su Yue Orabug: 36835819...
A week in security (May 22-28)
Last week on Malwarebytes Labs: Update now: 9 vulnerabilities impact Cisco Small Business Series ChatGPT: Cybersecurity friend or foe? Webinar recap: EDR vs MDR for business success Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett: Lock and Code S04E11...
Debian dla-3328 : clamav - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3328 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3328-1 [email protected]...
Update now! Critical patches for Chrome and Edge
Google has released an update for its Chrome browser that includes 30 security fixes. The latest version of the stable channel is now Chrome 101.0.4951.41 for Windows, Mac and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.511.5.2.el7 - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33876756 CVE-2022-0492 - scsi: libiscsi: Hold backlock when calling iscsicompletetask Gulam Mohamed Orabug: 33876755 4.14.35-2047.511.5.1 - arm64, mm, efi: Account for GICv3 LPI tables in stat...
Adobe’s Surprise Security Bulletin Dominated by Critical Patches
Adobe has dropped a mammoth out-of-band security update this week, addressing 92 vulnerabilities across 14 products. The majority of the disclosed bugs are critical-severity problems, and most allow arbitrary code execution ACE. Privilege escalation, denial-of-service and memory leaks/information...
Get patching! Wormable Windows flaw headlines Patch Tuesday
It looks like patching a wormable Remote Code Execution RCE bug in the HTTP stack of Windows 10 and Windows Server is likely to be top of most sysadmins todo lists after reading Mays Patch Tuesday updates. The monthly bug bonanza also features three other critical items among its 55 patches...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0041)
The remote OracleVM system is missing necessary patches to address critical security updates : - can: peakusb: pcanusbfd: Fix info-leaks to USB devices Tomas Bortoli Orabug: 31351221 CVE-2019-19535 - media: hdpvr: Fix an error handling path in hdpvrprobe Arvind Yadav Orabug: 31352053 CVE-2017-166...
Adobe Releases Critical Patches for Acrobat Reader, Photoshop, Bridge, ColdFusion
Though it's not Patch Tuesday, Adobe today released a massive batch of out-of-band software updates for six of its products to patch a total of 41 new security vulnerabilities. Adobe last week made a pre-announcement to inform its users of an upcoming security update for Acrobat and Reader, but t...
Oracle Solaris Critical Patch Update : oct2019_SRU11_3_36_15_0
This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with...
August 2019 Patch Tuesday – 93 Vulns, 29 Critical, 7 Remote Desktop Vulns, Hyper-V, DHCP, Adobe vulns
Update Aug 13, 2019: Detect and Patch Windows Remote Desktop Vulnerabilities This month’s Microsoft Patch Tuesday addresses 93 vulnerabilities with 29 of them labeled as Critical. Of the 29 Critical vulns, 10 are for scripting engines and browsers, 6 for Windows Graphics/Font Library, and 4 are f...
Adobe Issues Critical Patches for ColdFusion, Flash Player, Campaign
It's Patch Tuesday week! Adobe has just released the latest June 2019 software updates to address a total 11 security vulnerabilities in its three widely-used products Adobe ColdFusion, Flash Player, and Adobe Campaign. Out of these, three vulnerabilities affect Adobe ColdFusion, a commercial rap...
Adobe Releases Critical Patches for Flash, Acrobat Reader, and Media Encoder
Adobe today released its monthly software updates to patch a total of 87 security vulnerabilities in its Adobe Acrobat and Reader, Flash Player and Media Encoder, most of which could lead to arbitrary code execution attacks or worse. None of the flaws patched this month in Adobe products has been...
VirtualBox VMSVGA a plurality of virtual machine escape vulnerability analysis-vulnerability warning-the black bar safety net
VirtualBox simulates a VMware virtual SVGA devices, which interface the detailed information and programming model can be on the network from public access. In addition, in the VMware hosted I/O architecture of GPU virtualization on paper, for the VMware SVGA device architecture had a very good...
New Android API Lets Developers Push Updates Within their Apps
You might have read somewhere online today that Google is granting Android app developers powers to forcefully install app updates…but it is not true. Instead, the tech giant is providing a new feature that will help users to have up-to-date Android apps all the time and yes, it's optional. Along...