Security
Headlines
HeadlinesLatestCVEs

Tag

#rce

Update now!  Microsoft patches Follina, and many other security updates

Patch Tuesday for June 2022 brought a fix for Follina and many other security vulnerabilities. Time to figure out what needs to be prioritized. The post Update now!  Microsoft patches Follina, and many other security updates appeared first on Malwarebytes Labs.

Malwarebytes
Open in Source
#vulnerability#android#windows#google#microsoft#git#rce#ldap#auth#chrome#sap
CVE-2022-20137: Android Security Bulletin—June 2022  |  Android Open Source Project

In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-206986392

In Cybersecurity, What You Can’t See Can Hurt You

The dangers to SMBs and businesses of all sizes from cyberattacks are well known. But what’s driving these attacks, and what do cybersecurity stakeholders need to do that they’re not already doing?

Microsoft Patch Tuesday, June 2022 Edition

Microsoft on Tuesday released software updates to fix 60 security vulnerabilities in its Windows operating systems and other software, including a zero-day flaw in all supported Microsoft Office versions on all flavors of Windows that's seen active exploitation for at least two months now. On a lighter note, Microsoft is officially retiring its Internet Explorer (IE) web browser, which turns 27 years old this year.

Patch Tuesday: Microsoft Issues Fix for Actively Exploited 'Follina' Vulnerability

Microsoft officially released fixes to address an actively exploited Windows zero-day vulnerability known as Follina as part of its Patch Tuesday updates. Also addressed by the tech giant are 55 other flaws, three of which are rated Critical, 51 are rated Important, and one is rated Moderate in severity. Separately, five other shortcomings were resolved in the Microsoft Edge browser. <!-

Microsoft Patch Tuesday for June 2022 — Snort rules and prominent vulnerabilities

By Chetan Raghuprasad. Microsoft released its monthly security update Tuesday, disclosing 55 vulnerabilities in the company’s firmware and software. One of these vulnerabilities is considered critical, 40 are listed as high severity, and the remainder is considered "moderate."  The most... [[ This is only the beginning! Please visit the blog for the complete entry ]]

CVE-2021-42675: Internetagentur für Konzept, Design, CMS & eCommerce. – Internetagentur für Konzept, Design, CMS & eCommerce.

Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution.