Category Archives: Vulnerabilities

Critical Vulnerability in XZ Utils

Summary A backdoor has been identified in versions 5.6.0 and 5.6.1 of XZ Utils (assigned CVE-2024-3094), which under some conditions may allow RCE via SSH authentication in specific versions of certain Linux distributions. Affected products There are many distributions that are potentially impacted by CVE-2024-3094. The following vendors have publicly addressed the vulnerability: Distro Notes […]

Apache Vulnerability Log4j RCE (CVE-2021-44228)

A critical vulnerability (CVE-2021-44228) has recently been discovered that affects Log4j versions from 2.0-beta9 to 2.14.1, and is critical as it can be remotely exploited by a non-authenticated attacker allowing remote code execution (RCE). The vulnerability is rated 10 out of 10 in the Common Vulnerability Rating System (CVSS), which describes how serious the vulnerability […]

SAP Patches Critical Vulnerabilities in Environmental Compliance

By Ionut Arghire On Tuesday, its October 2021 Security Patch Day, SAP announced the release of 13 new security notes and an update for a previously released note. Three of the notes are rated Hot News. The most important of SAP’s security notes ( deals with two critical vulnerabilities in SAP Environmental Compliance. Tracked as CVE-2020-10683 and CVE-2021-23926 (CVSS […]

Adobe Patches Critical Code Execution Vulnerabilities in Several Products

By Eduard Kovacs Adobe on Tuesday announced that it has patched a total of 10 vulnerabilities across its Acrobat and Reader, Connect, Commerce, and Campaign Standard products. Adobe has patched ( four vulnerabilities in Acrobat and Reader for Windows and macOS. Two of the flaws, described as use-after-free and out-of-bounds issues, have been classified as critical and […]

Microsoft October 2021 Patch Tuesday fixes 4 zero-days, 71 flaws

Today is Microsoft’s October 2021 Patch Tuesday, and with it comes fixes for four zero-day vulnerabilities and a total of 74 flaws. Microsoft has fixed 74 vulnerabilities (81 including Microsoft Edge) with today’s update, with three classified as Critical, and 70 as Important, and one as Low. These 81 vulnerabilities (including Microsoft Edge) are classified as: 21 […]