QNAP OpenSSL

Community-attached storage (NAS) equipment maker QNAP mentioned it is currently investigating two just lately patched safety flaws in OpenSSL to find out their potential affect, including it’ll launch safety updates ought to its merchandise change into susceptible. Tracked as CVE-2021-3711 (CVSS rating: 7.5) and CVE-2021-3712 (CVSS rating: 4.4), the weaknesses concern a high-severity buffer overflow […]

Kaseya

U.S. expertise agency Kaseya has released safety patches to deal with two zero-day vulnerabilities affecting its Unitrends enterprise backup and continuity resolution that might lead to privilege escalation and authenticated distant code execution. The 2 weaknesses are a part of a trio of vulnerabilities found and reported by researchers on the Dutch Institute for Vulnerability […]

Enterprise safety and community equipment vendor F5 has launched patches for greater than two dozen security vulnerabilities affecting a number of variations of BIG-IP and BIG-IQ gadgets that would probably permit an attacker to carry out a variety of malicious actions, together with accessing arbitrary recordsdata, escalating privileges, and executing JavaScript code. Of the 29 […]

VMware

VMware on Wednesday shipped security updates to handle vulnerabilities in a number of merchandise that could possibly be probably exploited by an attacker to take management of an affected system. The six safety weaknesses (from CVE-2021-22022 by way of CVE-2021-22027, CVSS scores: 4.4 – 8.6) have an effect on VMware vRealize Operations (previous to model […]

VMware

VMware has launched safety updates for a number of merchandise to handle a important vulnerability that could possibly be exploited to realize entry to confidential data. Tracked as CVE-2021-22002 (CVSS rating: 8.6) and CVE-2021-22003 (CVSS rating: 3.7), the failings have an effect on VMware Workspace One Entry (Entry), VMware Id Supervisor (vIDM), VMware vRealize Automation […]

The maintainers of Python Bundle Index (PyPI) final week issued fixes for 3 vulnerabilities, one amongst which may very well be abused to realize arbitrary code execution and take full management of the official third-party software program repository. The safety weaknesses had been discovered and reported by Japanese safety researcher RyotaK, who up to now […]

The latest replace fixes a complete of eight vulnerabilities affecting the desktop variations of the favored browser. Google has rolled out an replace for its Chrome internet browser that fixes a variety of vulnerabilities, together with a zero-day flaw that has been identified to be actively exploited within the wild. The safety loopholes have an […]

Apple on Monday rolled out safety updates for iOS, macOS, tvOS, watchOS, and Safari net browser to repair a number of vulnerabilities, together with an actively exploited zero-day flaw in macOS Large Sur and increase patches for 2 beforehand disclosed zero-day flaws. Tracked as CVE-2021-30713, the zero-day considerations a permissions challenge in Apple’s Transparency, Consent, […]

Google on Wednesday up to date its Might 2021 Android Safety Bulletin to reveal that 4 of the safety vulnerabilities that had been patched earlier this month by Arm and Qualcomm might have been exploited within the wild as zero-days. “There are indications that CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664 could also be below restricted, focused […]