Oracle Quarterly Critical Patches Issued January 18, 2021

DESCRIPTION: Multiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution. SYSTEM AFFECTED: * Agile Product Lifecycle Management Integration Pack for Oracle E-Business Suite, version 3.6 * Application Performance Management, versions 13.4.1.0, 13.5.1.0 * Big Data Spatial and Graph, versions prior to 23.1 * Enterprise Manager Base Platform, versions 13.4.0.0, 13.5.0.0 * Enterprise Manager Ops Center, version 12.4.0.0 * Fujitsu...

Read More

Multiple Vulnerabilities in Mozilla Firefox and Thunderbird Could Allow for Arbitrary Code Execution

DESCRIPTION: Multiple vulnerabilities have been discovered in Mozilla Firefox, Firefox Extended Support Release (ESR), and Thunderbird, the most severe of which could allow for arbitrary code execution. * Mozilla Firefox is a web browser used to access the Internet. * Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. * Mozilla Thunderbird is an email client. Successful...

Read More

Multiple Vulnerabilities in Google Android OS Could Allow for Escalation of Privilege

DESCRIPTION: Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for escalation of privilege. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for escalation of privilege. Depending on the privileges associated with...

Read More

Multiple Vulnerabilities in Cisco Products Could Allow for Arbitrary Code Execution

DESCRIPTION: Multiple vulnerabilities have been discovered in Cisco Products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow an unauthenticated, remote attacker to execute code on the affected systems. Depending on the privileges associated with the targeted user, an attacker could then install programs; view, change, or delete data; or create new...

Read More

A Vulnerability in Zoho Desktop Central and Desktop Central MSP Could Allow for Authentication Bypass

Multiple Vulnerabilities in Mozilla Firefox and Could Allow for Arbitrary Code Execution

Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe products, themost severe of which could allow for Arbitrary Code Execution. * Premiere Rush is a video editor.* Illustrator is a vector graphics editor and design program.* Photoshop is a graphics editor.* Adobe After Effects is a digital visual effects, motion graphics, andcompositing application.* Creative Cloud is a cloud service provided by Adobe where its softwarecan be accessed...

Read More

Critical Patches Issued for Microsoft Products, February 08, 2022

DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for remote code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted...

Read More

A Vulnerability in Samba Could Allow for Arbitrary Code Execution

DESCRIPTION:A vulnerability has been discovered in Samba which could allow forarbitrary code execution. Samba is the standard Windows interoperabilitysuite of programs for Linux and Unix. Successful exploitation of thisvulnerability could result in arbitrary code execution as root onaffected Samba installations that use the VFS module vfs_fruit.Depending on the permission associated with the application running theexploit, an attacker could then install programs; view, change, ordelete data....

Read More