Critical VMware vCenter Server vulnerability (CVE-2021-22005) being exploited in the wild
FortiGuard Labs is aware that VMware disclosed a critical vulnerability (CVE-2021-22005) on September 21st, 2021 that affects vCenter Server versions 6.7 and 7.0. A malicious...
Multiple Agency Announcement on APT Actors Exploiting Zoho ManageEngine ADSelfService Plus (AA21-259A)
On September 16th, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and United States Coast Guard Cyber Command (CGCYBER) released...
A Vulnerability in Polkit’s pkexec Component Could Allow For Local Privilege Escalation
A vulnerability in Polkit's pkexec component could allow for local privilege escalation. Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating...
DSA-5063 uriparser – security update
Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers (URIs), which may result in denial of service or potentially in the...
A Vulnerability in F5Networks BIG-IP Could Allow for Denial of Service
A vulnerability has been discovered in F5Networks BIG-IP, which could result in a denial-of-service (DoS). BIG-IP is a family of products covering software and hardware...
DSA-5062 nss – security update
Tavis Ormandy discovered that incorrect parsing of pkcs7 sequences in nss, the Mozilla Network Security Service library, may result in denial of service. Read More
DSA-5061 wpewebkit – security update
The following vulnerabilities have been discovered in the wpewebkit web engine: Read More
DSA-5060 webkit2gtk – security update
The following vulnerabilities have been discovered in the webkit2gtk web engine: Read More
DSA-5059 policykit-1 – security update
The Qualys Research Labs discovered a local privilege escalation in PolicyKit's pkexec. Read More