Category Archives: Vulnerabilities

Apache has issued patches to address two security vulnerabilities, including a path traversal and file disclosure flaw in its HTTP server that it said is being actively exploited in the wild. “A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack […]

By Tara Seals Unauthenticated cyberattackers can also wreak havoc on networking device configurations. Cisco is warning three critical security vulnerabilities affect its flagship IOS XE software, the operating system for most of its enterprise networking portfolio. The flaws impact Cisco’s wireless controllers, SD-WAN offering and configuration mechanisms in use for scads of products. The networking […]

By Lisa Vaas Hundreds of thousands of email credentials, many of which double as Active Directory domain credentials, came through to credential-trapping domains in clear text. Guardicore security researcher Amit Serper has discovered a severe design bug in Microsoft Exchange’s autodiscover (https://docs.microsoft.com/en-us/exchange/architecture/client-access/autodiscover?view=exchserver-2019) – a protocol that lets users easily configure applications such as Microsoft Outlook with just […]

By Charlie Fripp Google’s Chrome is one of the most popular browsers globally, used by billions of people. So, when issues in the code are discovered, Google needs to act quickly. Not only to protect users but also the company’s security reputation. A case in point? Several vulnerabilities have been recorded in the latest version […]

Adobe releases security updates for 59 bugs affecting its core products, including Adobe Acrobat Reader, XMP Toolkit SDK and Photoshop. Adobe is urging its throngs of Acrobat Reader users to update their software to fix critical vulnerabilities that could allow adversaries to execute arbitrary code on unpatched versions. The warnings are part of the firm’s September […]