Alerts

Atlassian has resealed a security fix to mitigate a critical security vulnerability that uses hard-coded credentials affecting Confluence Server and Confluence Data Center. The Confluence user account with the username “disabledsystemuser” is created when the Questions for Confluence app is enabled on Confluence Server or Data Center. This account is intended to aid administrators in […]

Oracle has released its critical patch updates for July 2022, containing (349) new security patches for multiple affected products. The remote attacker could exploit some of these vulnerabilities to take control of the affected system. This critical patch update provides security updates to fix several vulnerabilities that may be remotely exploitable without authentication in a

Apple has released security updates to address multiple vulnerabilities in the updated versions 2022-005 Catalina, macOS Big Sur 11.6.8, and Monterey 12.5.The severity of the addressed vulnerabilities could allow the attackers to perform several attacks, like elevating privileges, OS crashes, and executing arbitrary code on the affected system. The addressed vulnerabilities include 37 flaws spanning

Cisco has released a security update to fix vulnerabilities across multiple products. The remote attacker could exploit these vulnerabilities to gain access, obtain information, and cause a denial of service. The vulnerabilities’ severities could allow the remote attacker to execute arbitrary code, read or upload container image files, and perform a cross-site request forgery attack. The

Google has released updated Chrome versions (103.0.5060.134) to fix several vulnerabilities. The remote attacker could exploit these vulnerabilities to take control of the affected system. The severity of the addressed vulnerabilities could allow the remote attacker to execute arbitrary code in the context of the affected applications by persuading the victim to visit a specially crafted webpage. Samples of

Apache has released security patches to address vulnerabilities in Apache CloudStack, Apache Spark, Apache Hive, and Apache SkyWalking. The remote attacker could exploit some of these vulnerabilities to take control of the affected system, execute commands or cause a denial of service. Sample of the addressed vulnerabilities: Apache CloudStack XML external entity (CVE-2022-35741): Apache CloudStack is vulnerable

Cisco has released security updates to address several vulnerabilities in multiple Cisco products such as Cisco Smart Software Manager, Cisco Unified Communications Products, Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS). Analysis The addressed vulnerabilities could allow the remote attacker to conduct several attacks on the affected systems, such as cross-site scripting, directory

OpenSSL has released security updates to fix several vulnerabilities. The remote attacker could exploit these vulnerabilities to take control of the affected system. OpenSSL is an open-source command-line tool commonly used to generate private keys, create CSRs, install your SSL/TLS certificate, and identify certificate information. OpenSSL is available for most Unix-like operating systems (including Linux, macOS,