Security Advisories & Alerts

Critical Patches Issued for Microsoft Products, July 13, 2021

DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted...

Read More


Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe Products, themost severe of which could allow for arbitrary code execution. * Dimension is a 3D rendering and design software.* Illustrator is a vector graphics editor and design program.* Adobe Framemaker is a document processing software used to write andedit large or complex documents.* Acrobat and Reader is a family of application software and Webservices mainly used to...

Read More


Multiple Vulnerabilities in Mozilla Firefox Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Mozilla Firefox andFirefox Extended Support Release (ESR), the most severe of which couldallow for arbitrary code execution. Mozilla Firefox is a web browserused to access the Internet. Mozilla Firefox ESR is a version of the webbrowser intended to be deployed in large organizations. Successfulexploitation of these vulnerabilities could allow for arbitrary codeexecution. Depending on the privileges associated with the...

Read More


PetitPotam: Microsoft Windows Server NTLM Relay Attacks on Active Directory Certificate Services (AD CS)

Description:A new NTLM relay attack called PetitPotam has been discovered that allows threat actors to take over a domain controller, and thus an entire Windows domain.Many organizations utilize Microsoft Active Directory Certificate Services, which is a public key infrastructure (PKI) server that can be used to authenticate users, services, and machines on a Windows domain.PetitPotam’ that performs an NTLM relay attack that does not rely...

Read More


Sequoia: CVE-2021-33909- Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer

Description:fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. Impact: Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host. Mitigation: Updates are available. Please see the references or vendor advisory for...

Read More


Page 22 of 132« First...10...2021222324...304050...Last »