SAP BusinessObjects Business Intelligence Platform DoS (December 2025)

The version of SAP BusinessObjects Business Intelligence Platform installed on the remote host is affected by a denial of service vulnerability as disclosed in the SAP Security Patch Day December 2025: - SAP Business Objects allows an unauthenticated attacker to flood the service due to improper...

SANnav ROCKY LINUX Upgrade for RLSA-2024:5530, RLSA-2024:5101, RLSA-2024:4583, RLSA-2024:3501, RLSA-2024:3513, RLSA-2024:3619, RLSA-2024:4349, RLSA-2024:4078, RLSA-2024:2758, RLSA-2024:2758

Brocade SANnav OVA versions 2.3.1b and 2.4.0 along with Brocade sannavova8xos122024 SANnav OVA patch from December 2024 utilize an upgraded Rocky Linux Kernel. The upgrade has provided Security updates for numerous security vulnerabilities. Rocky Linux Security Update for python-setuptools...

Multiple security updates for Trend Micro Apex One and Apex One as a Service (December 2024)

Overview Trend Micro Apex One and Apex One as a Service contain multiple vulnerabilities. Trend Micro Incorporated has released multiple security updates for Trend Micro Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the...

Patch Tuesday - December 2024

Microsoft is addressing 70 vulnerabilities this December 2024 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and public disclosure for one of the vulnerabilities published today, and this is reflected in a CISA KEV entry. For the third month in a row, Microsoft has published...

Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities

The Patch Tuesday for December of 2024 includes 72 vulnerabilities, including four that Microsoft marked as "critical." The remaining vulnerabilities listed are classified as "important." Microsoft assessed that exploitation of the four "critical" vulnerabilities is "less likely." CVE-2024-49112 ...

Wear OS Security Bulletin—December 2024Stay organized with collectionsSave and categorize content based on your preferences.

The Wear OS Security Bulletin contains details of security vulnerabilities affecting the Wear OS platform. The full Wear OS update comprises the security patch level of 2024-12-05 or later from the December 2024 Android Security Bulletin in addition to all issues in this bulletin. We encourage al...

Microsoft’s December 2023 Patch Tuesday Addresses One Zero-day Vulnerability

Summary: In the December Patch Tuesday release, Microsoft addressed a total of 42 CVEs, including one zero-day vulnerability. Within this range of vulnerabilities, the security update covered the typical spectrum of issues, including RCE flaws, concerns related to privilege escalation, spoofing,...

PT-2023-7751 · Microsoft · Azure Devops Server

Name of the Vulnerable Software and Affected Versions: Azure DevOps Server affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. Exploitation of this issue may allow a remote attacker to bypass security restrictions...

PT-2023-7530 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to 2023-12-05 security patch Description: The issue is related to the APEX module framework of AOSP, where improperly used crypto could lead to a malicious update of platform components. This could result in local...

A week in security (Dec 13 – 19)

Last week on Malwarebytes Labs: Spear phish, whale phish, regular phish: What’s the difference? Kronos crippled by ransomware, service may be out for weeks 5 security lessons from 18 months of working from home What SMBs can do to protect against Log4Shell attacks After Log4j, December’s Patch...

Adobe's Year-End Update Patches 87 Flaws in Acrobat Software

Adobe is closing out this year with its December Patch Tuesday update to address a massive number of security vulnerabilities for just its two PDF apps—more than double the number of what Microsoft patched this month for its several products. Adobe today released patches for 87 vulnerabilities...

Microsoft Fixing 11 Vulnerabilities for December Patch Tuesday

Microsoft announced today that it plans on shipping seven bulletins, five critical, two important, for the December edition of its monthly patch Tuesday security bulletin release cycle. The year’s last scheduled batch of patches will address 11 vulnerabilities in all currently supported operating...