Category Archives: Vulnerabilities

SAP Patches Critical Vulnerabilities in Environmental Compliance

By Ionut Arghire On Tuesday, its October 2021 Security Patch Day, SAP announced the release of 13 new security notes and an update for a previously released note. Three of the notes are rated Hot News. The most important of SAP’s security notes (https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983) deals with two critical vulnerabilities in SAP Environmental Compliance. Tracked as CVE-2020-10683 and CVE-2021-23926 (CVSS […]

Adobe Patches Critical Code Execution Vulnerabilities in Several Products

By Eduard Kovacs Adobe on Tuesday announced that it has patched a total of 10 vulnerabilities across its Acrobat and Reader, Connect, Commerce, and Campaign Standard products. Adobe has patched (https://helpx.adobe.com/security.html/security/security-bulletin.ug.html) four vulnerabilities in Acrobat and Reader for Windows and macOS. Two of the flaws, described as use-after-free and out-of-bounds issues, have been classified as critical and […]

Microsoft October 2021 Patch Tuesday fixes 4 zero-days, 71 flaws

Today is Microsoft’s October 2021 Patch Tuesday, and with it comes fixes for four zero-day vulnerabilities and a total of 74 flaws. Microsoft has fixed 74 vulnerabilities (81 including Microsoft Edge) with today’s update, with three classified as Critical, and 70 as Important, and one as Low. These 81 vulnerabilities (including Microsoft Edge) are classified as: 21 […]

Apache Warns of Zero-Day Exploit in the Wild — Patch Your Web Servers Now!

Apache has issued patches to address two security vulnerabilities, including a path traversal and file disclosure flaw in its HTTP server that it said is being actively exploited in the wild. “A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack […]

Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN

By Tara Seals Unauthenticated cyberattackers can also wreak havoc on networking device configurations. Cisco is warning three critical security vulnerabilities affect its flagship IOS XE software, the operating system for most of its enterprise networking portfolio. The flaws impact Cisco’s wireless controllers, SD-WAN offering and configuration mechanisms in use for scads of products. The networking […]